Detecting a Container Escape with Cilium and eBPF - Isovalent
Tags
| attack-pattern: | Data Direct Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Connection Proxy - T1090 |
Common Information
| Type | Value |
|---|---|
| UUID | 4fc8c9ae-4a81-45a2-a7ed-17be8c811861 |
| Fingerprint | ad33ddd5bf251782 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Nov. 16, 2021, midnight |
| Added to db | Jan. 18, 2023, 7:55 p.m. |
| Last updated | Nov. 15, 2024, 12:36 p.m. |
| Headline | Detecting a Container Escape with Cilium and eBPF |
| Title | Detecting a Container Escape with Cilium and eBPF - Isovalent |
| Detected Hints/Tags/Attributes | 47/1/9 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | http://isovalent.com/blog/post/2021-11-container-escape |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 2 | docker-entrypoint.sh |
|
| Details | Domain | 291 | raw.githubusercontent.com |
|
| Details | Domain | 1 | isovalent.com |
|
| Details | File | 1 | 18_zipper.py |
|
| Details | Github username | 2 | realpython |
|
| Details | sha256 | 1 | 569f3fd3a626a4cfd50e4556425216a5b8ab3d8bf9476c1b1c615b83ffe4000a |
|
| Details | sha256 | 1 | d8797011275f12c0a22d308227364493954c9e07e21c96c7caf6cf50b892d638 |
|
| Details | IPv4 | 2 | 185.199.110.133 |
|
| Details | Url | 1 | https://raw.githubusercontent.com/realpython/python-scripts/master/scripts/18_zipper.py |