Peirates

MITRE

Malware Type:
Tool

First seen:
Unknown

Last seen:
Unknown

Details:

[Peirates](https://attack.mitre.org/software/S0683) is a post-exploitation Kubernetes exploitation framework with a focus on gathering service account tokens for lateral movement and privilege escalation. The tool is written in GoLang and publicly available on GitHub.(Citation: Peirates GitHub)

Associated Techniques (12)

ID	ATT&CK	Tactics
T1046	Network Service Discovery	-
T1078.004	Cloud Accounts	-
T1528	Steal Application Access Token	-
T1530	Data from Cloud Storage	-
T1550.001	Application Access Token	-
T1552.005	Cloud Instance Metadata API	-
T1552.007	Container API	-
T1609	Container Administration Command	-
T1610	Deploy Container	-
T1611	Escape to Host	-
T1613	Container and Resource Discovery	-
T1619	Cloud Storage Object Discovery	-

Used by Actors (1)

TeamTNT
Unknown

Metadata

ID:	737
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00