kube-hunter

Free

Updated 11 March 2025

Vulnerability Management

Vulnerability Scanning

Visit Website

kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster that you don't own! Run kube-hunter: kube-hunter is available as a container (aquasec/kube-hunter), and we also offer a web site at kube-hunter.aquasec.com where you can register online to receive a token allowing you to see and share the results online. You can also run the Python code yourself as described below. Explore vulnerabilities: The kube-hunter knowledge base includes articles about discoverable vulnerabilities and issues. When kube-hunter reports an issue, it will show its VID (Vulnerability ID) so you can look it up in the KB at https://aquasecurity.github.io/kube-hunter/

FEATURES

The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.

EXPLORE BY TAGS

Kubernetes

Kubernetes Security

Container Security

Cloud Security

Vulnerability Scanning

SIMILAR TOOLS

Acunetix Web Vulnerability Scanner Demonstration Site

A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.

Free

Vulnerability Management

dom-red

A small script to check a list of domains against open redirect vulnerability

Free

Vulnerability Management

Vuls

Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.

Free

Vulnerability Management

Acunetix Web Vulnerability Scanner Demo Site

A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.

Free

Vulnerability Management

Buster

Advanced email reconnaissance tool leveraging public data.

Free

Vulnerability Management

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

A guide to brute forcing DVWA on the high security level with anti-CSRF tokens

Free

Vulnerability Management

ocaml-yara by Elastic

OCaml bindings to the YARA scanning engine for integrating YARA scanning capabilities into OCaml projects

Free

Vulnerability Management

Node.js Bug Bounty Program

The Node.js Bug Bounty Program is a program aimed at identifying and fixing security vulnerabilities in the Node.js ecosystem.

Free

Vulnerability Management

Bug Bounty Reference

A categorized collection of bug bounty write-ups for various vulnerabilities.

Free

Vulnerability Management

PINNED

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security