·security-testing
!

security-testing

ionfury/homelabGitHub: ionfury/homelabSource: ionfury/homelab

Adversarial security testing methodology for the Kubernetes homelab. Covers network policy evasion, authentication bypass, privilege escalation, credential theft, and supply chain attacks. Use when: (1) Red team testing against the homelab, (2) Validating network policy enforcement, (3) Testing WAF bypass on external gateway, (4) Probing authentication layers, (5) Assessing container escape paths, (6) Auditing RBAC and service accounts, (7) Testing supply chain security of OCI promotion pipeline. Triggers: "security test", "red team", "pentest", "penetration test", "attack surface", "WAF bypass", "network policy evasion", "privilege escalation", "lateral movement", "credential theft", "container escape", "RBAC audit", "security audit", "vulnerability"

ionfury·security·testing
20Installs·1Trend·@ionfury

Installation

GitHub: ionfury/homelab
$npx skills add https://github.com/ionfury/homelab --skill security-testing

How to Install security-testing

Quickly install security-testing AI skill to your development environment via command line

  1. Open Terminal: Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.)
  2. Run Installation Command: Copy and run this command: npx skills add https://github.com/ionfury/homelab --skill security-testing
  3. Verify Installation: Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Source: ionfury/homelab.

SKILL.md

View raw

This homelab has six primary attack layers. See references/attack-surface.md for the full inventory of known weaknesses per layer.

| Network | Cilium default-deny, profile CCNPs | Prometheus scrape baseline (any port), escape hatch window, intra-namespace freedom | | Gateway | Coraza WAF, Istio Gateway API | WAF FAILOPEN, PL1 bypass, gateway allowedRoutes.from: All |

| Authentication | OAuth2-Proxy, Authelia 2FA, app-native | 7-day cookie, brute force window, Vaultwarden admin redirect bypass | | Authorization | PodSecurity admission, RBAC | Minimal custom RBAC, homepage ClusterRole reads cluster | | Container | Security contexts, Istio mTLS | Gluetun root+NETADMIN+no mesh, Cilium agent SYSADMIN |

Adversarial security testing methodology for the Kubernetes homelab. Covers network policy evasion, authentication bypass, privilege escalation, credential theft, and supply chain attacks. Use when: (1) Red team testing against the homelab, (2) Validating network policy enforcement, (3) Testing WAF bypass on external gateway, (4) Probing authentication layers, (5) Assessing container escape paths, (6) Auditing RBAC and service accounts, (7) Testing supply chain security of OCI promotion pipeline. Triggers: "security test", "red team", "pentest", "penetration test", "attack surface", "WAF bypass", "network policy evasion", "privilege escalation", "lateral movement", "credential theft", "container escape", "RBAC audit", "security audit", "vulnerability" Source: ionfury/homelab.

Facts (cite-ready)

Stable fields and commands for AI/search citations.

Install command
npx skills add https://github.com/ionfury/homelab --skill security-testing
Source
ionfury/homelab
Category
!Security
Verified
First Seen
2026-02-28
Updated
2026-03-10
URL
https://www.learn-skills.dev/en/skills/ionfury/homelab/security-testing

Browse more skills from ionfury/homelab

Quick answers

What is security-testing?

Adversarial security testing methodology for the Kubernetes homelab. Covers network policy evasion, authentication bypass, privilege escalation, credential theft, and supply chain attacks. Use when: (1) Red team testing against the homelab, (2) Validating network policy enforcement, (3) Testing WAF bypass on external gateway, (4) Probing authentication layers, (5) Assessing container escape paths, (6) Auditing RBAC and service accounts, (7) Testing supply chain security of OCI promotion pipeline. Triggers: "security test", "red team", "pentest", "penetration test", "attack surface", "WAF bypass", "network policy evasion", "privilege escalation", "lateral movement", "credential theft", "container escape", "RBAC audit", "security audit", "vulnerability" Source: ionfury/homelab.

How do I install security-testing?

Open your terminal or command line tool (Terminal, iTerm, Windows Terminal, etc.) Copy and run this command: npx skills add https://github.com/ionfury/homelab --skill security-testing Once installed, the skill will be automatically configured in your AI coding environment and ready to use in Claude Code, Cursor, or OpenClaw

Where is the source repository?

https://github.com/ionfury/homelab

Details

Category
!Security
Source
skills.sh
First Seen
2026-02-28

Related Skills

prometheus
52 Installs
opentofu-modules
48 Installs
terragrunt
45 Installs
taskfiles
43 Installs
k8s
24 Installs
self-improvement
23 Installs