Boxes

Every box, ranked by pain.

Each box is a fully-isolated environment with a real attack surface. No CTF-style flag-hunting through tar files. You get a vulnerable Docker host, k8s cluster, or pipeline — and you root it.

Sockmonkey

Coming soon

A mounted docker.sock is a free shell on the host.

docker.sock · privesc · escape

easycontainer escape

Privileged

Coming soon

When --privileged was the only flag they read.

capabilities · cgroup · host-mount

easycontainer escape

Tiller

Coming soon

Helm 2 left the door wide open.

helm · rbac · cluster-admin

mediumkubernetes offense

Anonymous

Coming soon

Anonymous auth on the kubelet API. What could go wrong?

kubelet · exec · node

mediumkubernetes offense

Manifest Destiny

Coming soon

Mutating admission webhooks accept the strangest things.

admission-controller · supply-chain

hardkubernetes offense

Runaway

Coming soon

Leaky file descriptors, runc, and a kernel.

runc · CVE-2024-21626 · kernel

insanecontainer escape

Actions Speak

Coming soon

pull_request_target was a mistake.

github-actions · injection · runner

mediumci/cd compromise

Trust Fall

Coming soon

Misconfigured OIDC trust = AWS keys for free.

oidc · aws · trust-policy

hardci/cd compromise

22 more boxes incoming

First wave drops with public launch. Founding members get early access.