Containers Penetration Testing

THREATS, TACTICS AND PROCEDURES TTP
MITRE’S ATT&CK®
Containers Pen Test
Initial Access to the Containers
1. Exploit Public-Facing Applications.
2. External Remote Services.
3. Valid Accounts.
Execution of Containers
1. Container Administration Command.
2. Deploy Container.
3. Scheduled Task/Job.
4. User Execution.
Persistence of Adversaries in the Containers
1. External Remote Services.
2. Implant Internal Image.
3. Scheduled Task/Job.
4. Valid Accounts.
Privilege Escalation in the Containers
1. Escape to Host.
2. Exploitation for Privilege Escalation.
3. Scheduled Task/Job.
4. Valid Accounts.
Defence Evasion of Adversaries in the Containers
1. Impair Defenses. 
2. Build Image on Host.
3. Deploy Container
4. Valid Accounts.
5. Indicator Removal of Hosts.
6. Masquerading.
Credential Access in the Containers by Adversaries
1. Brute Force Attacks.
2. InSecure Credentials. 
Discovery of Containers by Adversaries
1. Network Service Scanning.
2. Container and Resource Discovery.
Impact on Containers due to Adversarial Attacks
1. EndPoint Denial of Service.
2. Network Denial of Service.
3. Resource Hijacking.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.