diff --git a/README.md b/README.md index e2e76cf..5d0855b 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,8 @@ Kube Hunter hunts for security weaknesses in Kubernetes clusters. The tool was d _Developers, please read [Guidelines For Developing Your First Kube Hunter Module](src/README.md)_ *TODO* ## Hunting -by default, without any special flags, Kube Hunter will scan all of your machine's network interfaces for open kubernetes services. + +By default, without any special flags, Kube Hunter will scan all of your machine's network interfaces for open Kubernetes services. To specify a specific cidr to scan, use the `--cidr` option. Example: `./kube-hunter.py --cidr 192.168.0.0/24` @@ -14,9 +15,10 @@ To specify remote machines for hunting, you can use the `--remote` option. Examp `./kube-hunter.py --remote some.node.com` ### Active Hunting -Active hunting is an option, in which Kube Hunter will exploit vulnerabilities it found, to further findind more vulnerabilities. -The main differences between normal active hunting, is that a normal hunt will never change state of the cluster. while active hunting can do many harsh operations on the cluster. -When active, evidences of vulnerabilities will be added to the final report + +Active hunting is an option in which Kube Hunter will exploit vulnerabilities it finds, in order to explore for further vulnerabilities. +The main difference between normal and active hunting is that a normal hunt will never change state of the cluster, while active hunting can potentially do state-changing and harmful operations on the cluster. +When active, evidence of vulnerabilities will be added to the final report. To active hunt a cluster, use the `--active` flag. Example: `./kube-hunter.py --remote some.domain.com --active` @@ -32,13 +34,16 @@ WARNING -- To see only a mapping of your nodes network, run with `--mapping` option. Example: `./kube-hunter.py --cidr 192.168.0.0/24 --mapping` -This option will output all the kubernetes nodes Kube-Hunter has found -## Deploy -There are three methods in which you can deploy Kube Hunter with: +This will output all the Kubernetes nodes Kube Hunter has found. + +## Deployment + +There are three methods for deploying Kube Hunter: ### On Machine *** #### Installation ##### Requirements: + * python 2.7 * pip @@ -52,18 +57,19 @@ Running: ### Container *** -To run Kube Hunter's container: +To run Kube Hunter as a container: **Linux:** `docker run --rm --network host aquasec/kube-hunter` -**Windows:** +**Windows/Mac:** `docker run --rm aquasec/kube-hunter --cidr 192.168.0.0/24` -_Docker for Windows forces us to use a manual cidr, as to it's limitations_ +_Note for Docker for Mac/Windows:_ You'll need to specify the CIDR because of the VM that Docker for Mac/Windows runs in. + ### Pod *** -This option lets you discover what running a malicous container can do/discover on your cluster. -Kube Hunter will scan your cluster from the inside, using default kubernetes pod access settings, usually, revealing significantly more services and vulnerabilities +This option lets you discover what running a malicious container can do/discover on your cluster. +Kube Hunter will scan your cluster from the inside, using default Kubernetes pod access settings. This may reveal significantly more vulnerabilities. To run Kube Hunter as a pod, `kubectl create` the following yaml file. ~~~ --- diff --git a/kube-hunter.py b/kube-hunter.py index a69f078..c5cdc01 100644 --- a/kube-hunter.py +++ b/kube-hunter.py @@ -34,7 +34,7 @@ def interactive_set_config(): options = { "Remote scanning": "scans one or more specific IPs or DNS names", "Internal scanning": "scans all network interfaces", - "CIDR scanning": "scans a spesific cidr" + "CIDR scanning": "scans a specific CIDR" } # maps between option and its explanation print "Choose one of the options below:" @@ -42,7 +42,7 @@ def interactive_set_config(): print "{}. {} ({})".format(i+1, option.ljust(20), explanation) choice = raw_input("Your choice: ") if choice == '1': - config.remote = raw_input("Remotes (seperated by a ','): ").replace(' ', '').split(',') + config.remote = raw_input("Remotes (separated by a ','): ").replace(' ', '').split(',') elif choice == '2': config.internal = True elif choice == '3':