Inspektor Gadget is a collection of tools (or gadgets) to debug and inspect Kubernetes resources and applications. It manages the packaging, deployment and execution of eBPF programs in a Kubernetes cluster, including many based on BCC tools, as well as some developed specifically for use in Inspektor Gadget. It automatically maps low-level kernel primitives to high-level Kubernetes resources, making it easier and quicker to find the relevant information. The Gadgets Inspektor Gadget tools are known as gadgets. You can deploy one, two or many gadgets. Explore the following documentation to find out which tools can help you in your investigations. advise: network-policy seccomp-profile audit: seccomp profile: block-io cpu tcprtt snapshot: process socket top: block-io ebpf file tcp trace: bind capabilities dns exec fsslower mount oomkill open signal sni tcp tcpconnect tcpdrop tcpretrans traceloop Installation Install Inspektor Gadget (client-side): Use krew plugin manager to install: $ kubectl krew install gadget Install Inspektor Gadget on Kubernetes: $ kubectl gadget deploy Read the detailed install instructions to find more information. How to use kubectl gadget --help will provide
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Cloudmarker is a configurable cloud monitoring tool and framework that audits Azure and GCP environments by retrieving, analyzing, and alerting on cloud security data.
HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
A tutorial demonstrating how to implement Kubernetes Engine security features to control application privileges through host access controls and network access policies.
SkyWrapper analyzes temporary token behaviors in AWS accounts to detect suspicious activities and generates Excel reports with findings summaries.
TerraGoat is a deliberately vulnerable Terraform repository that demonstrates common cloud infrastructure misconfigurations for training and testing security tools.
A Docker security vulnerability where disabling inter-container communication (ICC) fails to block raw ethernet frames, allowing unexpected data transfer between containers via raw sockets.
Collection of Kubernetes manifests creating pods with elevated privileges for security testing.
KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines.