My experience with Nullcon Training – Hacking and Securing Kubernetes clusters by Madhu

The 4 days of Nullcon training were total bliss! It was my first time with Nullcon trainings and it was a super amazing experience.

Writing this blog post as I wanted to share my experience with you all.

Nullcon Trainings happen every year. They run for 4 days, for 16 hours in total. The trainings are lab-based: you learn the concepts and then implement them in the labs provided by the trainer.

I enrolled for Madhu’s Hacking and Securing Kubernetes Clusters. Let's start from Day 1.

Day 1

I have never been to a physical training, so I was not really sad about the fact that the training was not happening physically. The training was hosted over Zoom with Antriksh moderating it! It's good to have known faces around 🙂

The first day started off with an introduction of all the attendees. People were attending from the USA, the Netherlands, Germany and obviously India.

Day 1 was the fast-track edition of Kubernetes fundamentals. Since I knew the fundamentals already, the fast-track session was kind of a recap for me and it really did refresh my memory around Kubernetes.

The takeaway from Day 1 was a lot of really good references that Madhu provided. Also, he mentioned some good commands corresponding to an attacker’s perspective (which I didn’t already know). He explained scenarios and examples really well. My fellow attendees came up with some really good questions that really helped me to understand the scenarios better!

Day 2

Day 2 was more about attacking Kubernetes. Various scenario-based labs really aided in building the approach towards attacking containers and Kubernetes.

Basically, I am an nmap user. I used zmap today for the first time and the results came in quite quickly. zmap perfectly matches the use case where an entire network range has to be scanned.

The labs covered namespace bypass, escaping out from pod to node, lateral movement, insecure private docker registries. A lab also involved querying the API server through service accounts. I found that lab pretty interesting.

Another amazing thing was the hacker-container built by Madhu. It has a collection of all the important tools for a Kubernetes pentest, aggregated in a container. The reason, as he mentioned, was that all of those tools are required at some point in a k8 pentest, so it's good to have our own container in the environment to easily test things out.

Day 3

The day started off with a bunch of other attack scenarios. I got insights on where to hunt for secret information once inside the container. Logs, system events and cluster dumps were some good places to look.

One of the scenarios, “Pwning the cluster by escaping the RBAC privileges” was pretty tricky to understand at first. Madhu did a great job in explaining it.

In the other half of day 3, we explored the audit tools and the CIS benchmark standard. Again, I got to know about some really good GitHub repositories like k9s, popeye, kubesec, hadolint, buildkit, buildah.

As we were in this training virtually, the fun of the physical training was missing. But Antriksh managed to add some by playing his awesome playlist during the break.

Day 4

Day 4 started with digging more into how to secure Kubernetes. We explored a lot into RBAC, OPA rules, logging and monitoring!

Also, how can I miss that... the group photo.

In the end, Madhu shared a whole bunch of resources to follow, lots of GitHub repos. My all-time favourite being katacoda. It literally covers a lot of scenarios on containers and Kubernetes and it's totally worth giving a try.

I was aware of Play with Docker labs, but Play with Kubernetes also existed and I am looking forward to trying it out. These browser-based labs are surely gonna make setup hassle-free.

Epilogue

It was my first Nullcon training and I can definitely say that now I know a lot more about Kubernetes than I knew 4 days before. Thanks to Madhu! He is really a master of his field. Also, he is an excellent trainer. I would highly recommend anyone with a background in container/k8/cloud to definitely attend his training in future.

Conducting trainings virtually has its own limitations, but the Nullcon team pulled it off really well. A special mention to Antriksh for smooth moderation for 4 days and for his amazing playlist that really cheered us all.

Thanks for reading!

You can read about my past experiences of Nullcon here.

That’s all for the post! See you in the next one. Until then, happy kubernetes hunting! 🙂

shreyapohekar

I am Shreya Pohekar. I love to build and break stuff. Currently, I'm working as an iOS and Angular developer. I am also a contributor to the CodeVigilant project. My blogs are focused on Infosec and Dev and their how-tos.