kube-hunter Logo

kube-hunter

0
Free
Visit Website

kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster that you don't own! Run kube-hunter: kube-hunter is available as a container (aquasec/kube-hunter), and we also offer a web site at kube-hunter.aquasec.com where you can register online to receive a token allowing you to see and share the results online. You can also run the Python code yourself as described below. Explore vulnerabilities: The kube-hunter knowledge base includes articles about discoverable vulnerabilities and issues. When kube-hunter reports an issue, it will show its VID (Vulnerability ID) so you can look it up in the KB at https://aquasecurity.github.io/kube-hunter/

FEATURES

ALTERNATIVES

A tool that showcases the attack surface of a given Android device, highlighting potential vulnerabilities and security risks.

A tool that detects dangling DNS records in a multi-cloud environment to prevent subdomain takeovers.

An open-source tool for finding security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code

A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.

Linux privilege escalation auditing tool for detecting security deficiencies in Linux kernels.

A collection of Ansible roles for hardening various systems and services

Vulnerable web application for beginners in penetration testing.

A tool that assesses AWS accounts for subdomain hijacking vulnerabilities in Route53 and CloudFront configurations.