Home Commands Tools Labs Defense Center Learning Paths Quizzes Challenges CTF Hubs Premium Log in

Library

Command reference

Search the live database for syntax, tools, use cases, tags, MITRE context, and safe lab-ready command examples.

140 results
Defensive Intermediate Free

List service account token secrets.

List service account token secrets.

kubectl get secrets -A --field-selector type=kubernetes.io/service-account-token
kubernetes container-security expanded-library
Kubernetes / Container Security Open
Defensive Intermediate Free

Inspect pod security and runtime details.

Inspect pod security and runtime details.

kubectl describe pod web-frontend -n production
kubernetes container-security expanded-library
Kubernetes / Container Security Open
Defensive Intermediate Free

Extract pod security contexts.

Extract pod security contexts.

kubectl get pods -A -o jsonpath="{..securityContext}"
kubernetes container-security expanded-library
Kubernetes / Container Security Open
Defensive Intermediate Free

Review cluster events by time.

Review cluster events by time.

kubectl get events -A --sort-by=.metadata.creationTimestamp
kubernetes container-security expanded-library
Kubernetes / Container Security Open
Defensive Intermediate Free

List validating admission webhooks.

List validating admission webhooks.

kubectl get admissionregistration.k8s.io/validatingwebhookconfigurations
kubernetes container-security expanded-library
Kubernetes / Container Security Open
Defensive Intermediate Free

Review pod resource usage for anomalies.

Review pod resource usage for anomalies.

kubectl top pods -A
kubernetes container-security expanded-library
Kubernetes / Container Security Open
Defensive Beginner Free

Scan a container image for vulnerabilities.

Scan a container image for vulnerabilities.

trivy image nginx:1.23
trivy vulnerability-management expanded-library
Trivy / Vulnerability Management Open
Defensive Beginner Free

Scan filesystem for vulnerabilities and misconfiguration.

Scan filesystem for vulnerabilities and misconfiguration.

trivy fs --security-checks vuln,config .
trivy vulnerability-management expanded-library
Trivy / Vulnerability Management Open
Defensive Beginner Free

Scan IaC configuration.

Scan IaC configuration.

trivy config ./terraform
trivy vulnerability-management expanded-library
Trivy / Vulnerability Management Open
Defensive Beginner Free

Filter image scan to high and critical issues.

Filter image scan to high and critical issues.

trivy image --severity HIGH,CRITICAL app:latest
trivy vulnerability-management expanded-library
Trivy / Vulnerability Management Open
Defensive Beginner Free

Write image scan results as JSON.

Write image scan results as JSON.

trivy image --format json --output trivy-report.json app:latest
trivy vulnerability-management expanded-library
Trivy / Vulnerability Management Open
Defensive Beginner Free

Scan a repository.

Scan a repository.

trivy repo https://github.com/example/project
trivy vulnerability-management expanded-library
Trivy / Vulnerability Management Open