Initial access

Initial Access into a Kubernetes cluster is usually the most difficult stage and for the most part, is not specific to Kubernetes and relies on one of the following:

• Finding a weakness in an application being hosted in a Kubernetes cluster
  • Application Vulnerability
• Supply chain compromise
  • Compromised Images In Registry
• Abusing Developer Resources
  • Kubeconfig File
  • Exposed Sensitive Interfaces
  • Using Cloud Credentials