To build this project, run the
make command from the root folder.
To run quick build for Linux, you can run the following:
go build -o agent cmd/merlinagent/main.go
go build -o server cmd/merlinserver/main.go
We created YARA rules that will help to catch Kubesploit binaries. The rules are written in the file
Every Go module loaded to the agent is being recorded inside the victim machine.
We created a MITRE map of the vectors attack being used by Kubesploit.
Mitigation for Modules
For every module we created, we wrote its description and how to defend from it.
We sum it up in the MITIGATION.md file.
We welcome contributions of all kinds to this repository.
For instructions on how to get started and descriptions of our development workflows, please see our contributing guide.
We want to thank Russel Van Tuyl (@Ne0nd0g) for creating Merlin as an open-source that allowed us to build Kubesploit on top of it.
We also want to thank Traefik Labs (@traefik) for creating Go interpreter (“Yaegi”) that allowed us to run the Golang modules on a remote agent easily.
Share Your Thoughts And Feedback
For more comments, suggestions or questions, you can contact Eviatar Gerzi (@g3rzi) from CyberArk Labs or open an issue. You can find more projects developed by us at https://github.com/cyberark/.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.