github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-11 03:37:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of bitbucket.org:scalock/kube-hunter

Browse Source
This commit is contained in:
daniel_sagi
2018-07-15 13:18:23 +03:00
parent 0619eb06e2 0d5698b1fc
commit 94b2bcc76d
2 changed files with 20 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
README.md
View File

@@ -5,7 +5,8 @@ Kube Hunter hunts for security weaknesses in Kubernetes clusters. The tool was d
_Developers, please read [Guidelines For Developing Your First Kube Hunter Module](src/README.md)_ *TODO*
## Hunting
by default, without any special flags, Kube Hunter will scan all of your machine's network interfaces for open kubernetes services.
By default, without any special flags, Kube Hunter will scan all of your machine's network interfaces for open Kubernetes services.
To specify a specific cidr to scan, use the `--cidr` option. Example:
`./kube-hunter.py --cidr 192.168.0.0/24`
@@ -14,9 +15,10 @@ To specify remote machines for hunting, you can use the `--remote` option. Examp
`./kube-hunter.py --remote some.node.com`
### Active Hunting
Active hunting is an option, in which Kube Hunter will exploit vulnerabilities it found, to further findind more vulnerabilities.
The main differences between normal active hunting, is that a normal hunt will never change state of the cluster. while active hunting can do many harsh operations on the cluster.
When active, evidences of vulnerabilities will be added to the final report
Active hunting is an option in which Kube Hunter will exploit vulnerabilities it finds, in order to explore for further vulnerabilities.
The main difference between normal and active hunting is that a normal hunt will never change state of the cluster, while active hunting can potentially do state-changing and harmful operations on the cluster.
When active, evidence of vulnerabilities will be added to the final report.
To active hunt a cluster, use the `--active` flag. Example:
`./kube-hunter.py --remote some.domain.com --active`
@@ -32,13 +34,16 @@ WARNING
--
To see only a mapping of your nodes network, run with `--mapping` option. Example:
`./kube-hunter.py --cidr 192.168.0.0/24 --mapping`
This option will output all the kubernetes nodes Kube-Hunter has found
## Deploy
There are three methods in which you can deploy Kube Hunter with:
This will output all the Kubernetes nodes Kube Hunter has found.
## Deployment
There are three methods for deploying Kube Hunter:
### On Machine
***
#### Installation
##### Requirements:
* python 2.7
* pip
@@ -52,18 +57,19 @@ Running:
### Container
***
To run Kube Hunter's container:
To run Kube Hunter as a container:
**Linux:**
`docker run --rm --network host aquasec/kube-hunter`
**Windows:**
**Windows/Mac:**
`docker run --rm aquasec/kube-hunter --cidr 192.168.0.0/24`
_Docker for Windows forces us to use a manual cidr, as to it's limitations_
_Note for Docker for Mac/Windows:_ You'll need to specify the CIDR because of the VM that Docker for Mac/Windows runs in.
### Pod
***
This option lets you discover what running a malicous container can do/discover on your cluster.
Kube Hunter will scan your cluster from the inside, using default kubernetes pod access settings, usually, revealing significantly more services and vulnerabilities
This option lets you discover what running a malicious container can do/discover on your cluster.
Kube Hunter will scan your cluster from the inside, using default Kubernetes pod access settings. This may reveal significantly more vulnerabilities.
To run Kube Hunter as a pod, `kubectl create` the following yaml file.
~~~
---

4
kube-hunter.py
View File

@@ -34,7 +34,7 @@ def interactive_set_config():
options = {
"Remote scanning": "scans one or more specific IPs or DNS names",
"Internal scanning": "scans all network interfaces",
"CIDR scanning": "scans a spesific cidr"
"CIDR scanning": "scans a specific CIDR"
} # maps between option and its explanation
print "Choose one of the options below:"
@@ -42,7 +42,7 @@ def interactive_set_config():
print "{}. {} ({})".format(i+1, option.ljust(20), explanation)
choice = raw_input("Your choice: ")
if choice == '1':
config.remote = raw_input("Remotes (seperated by a ','): ").replace(' ', '').split(',')
config.remote = raw_input("Remotes (separated by a ','): ").replace(' ', '').split(',')
elif choice == '2':
config.internal = True
elif choice == '3':