Title: Hacking Docker Containers
Description:
This workshop introduces students to the security concepts associated with Docker. Docker is a popular software for containerization and it is widely used in Information Technology Industry. It's popularity also brings a larger attack surface and thus it is important to understand it's security aspects to be able to protect Docker containers. This workshop is designed for audience with any experience.
Section 1: Fundamentals of Docker
Introduction to Docker
• Virtual Machines vs Containers
• Building your first Docker image
• Running your first Docker container
• Images vs Containers
• cgroups
• namespaces
• Introduction to Docker Registry
Section 2: Hacking and Securing Docker Containers
1. Docker attack surface
2. Exploiting vulnerable images
3. Privilege escalation using volume mounts
4. Container escape using docker.sock
5. Writing to Kernel space from a container
6. Automated assessments using docker bench security
