绿盟云原生安全研究仓库
https://github.com/Metarget/

红蓝对抗中的云原生漏洞挖掘及利用实录
https://security.tencent.com/index.php/blog/msg/183

浅谈云安全之K8S
https://www.anquanke.com/post/id/245526

红队视角下的公有云基础组件安全
https://mp.weixin.qq.com/s/r0DuASP6gH_48b5sJ1DCTw

Kube-hunter - 用于 Kubernetes 渗透测试的开源工具
https://blog.aquasec.com/kube-hunter-kubernetes-penetration-testing

S3 存储桶允许公共读取访问风险
https://orca.security/resources/cloud-risk-encyclopedia/s3-bucket-allows-public-read-access/?blaid=2590911