github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-12 04:07:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
254 Commits 55 Branches 19 Tags
09b32d1ecdb282ba2ec38ba5a2dee755ebdb5b34
Commit Graph

254 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
oriagmon
09b32d1ecd Some triggering fixes & active hunter bugs 2018-11-07 22:32:18 +02:00
oriagmon
65b821cc01 Remove irrelevant comments 2018-11-07 22:32:18 +02:00
oriagmon
f89690cd8c Removed unused variables 2018-11-07 22:32:18 +02:00
oriagmon
1bf1598de0 Passive hunters are finished! just have to test them on non admin pod too 2018-11-07 22:32:18 +02:00
oriagmon
0bc92c255b Parsed response str to dictionary on all methods, working on numbers values too now 2018-11-07 22:32:18 +02:00
oriagmon
d704d9e117 Parsed response str to dictionary 2018-11-07 22:32:18 +02:00
oriagmon
8a14de9454 Fixed some minor errors in passive hunter & used more of the active hunter methods 2018-11-07 22:32:18 +02:00
oriagmon
e60d44b5ae Finish Implemented hunters & moved some active hunters to passive hunter. 2018-11-07 22:32:18 +02:00
oriagmon
e8eb192b35 WIP, time to fix PR on another branch 2018-11-07 22:32:18 +02:00
oriagmon
d7e2ac9dc7 WIP, but have to go now: 
(1)Tested manually most of the methods! (2) Published most of events. (3) Added TODOs.
 2018-11-07 22:32:18 +02:00
oriagmon
830c42b76e Added corresponding events & descriptions for the new methods 2018-11-07 22:32:18 +02:00
oriagmon
889ea7316c Manually tested requests and changed some methods! 2018-11-07 22:32:18 +02:00
oriagmon
9ae772eeaa Improved todo, Added all api calls to API server, we have to test & modify them (when needed) 2018-11-07 22:32:18 +02:00
oriagmon
47aa4c40bb minor Typo 2018-11-07 22:32:18 +02:00
oriagmon
16a6590f5e Added all the rest of the api calls to the API server and specified algorithm in words 2018-11-07 22:32:18 +02:00
oriagmon
d1c59fb982 I didn't Finish that hunter yet ( a todo is detailed on my Trello). 2018-11-07 22:32:18 +02:00
oriagmon
1c324a3f2a Finish that hunter (detailed on my Trello). 2018-11-07 22:32:18 +02:00
oriagmon
b95feebcba Added a lot of active hunters, using different API Server methods to publish all relevant events from a compromised pod 2018-11-07 22:32:18 +02:00
oriagmon
eaa0d8e8e0 Added two hunters attempting to exploit authorized pod RBAC configurations 2018-11-07 22:32:17 +02:00
oriagmon
5a790b1ece Listen on port 443 as well now. 2018-11-07 22:32:17 +02:00
ori.agmon
359b766e17 Fixed PR comment: Added proper exception handling. 
Added logging for this hunter.
 2018-11-07 22:32:17 +02:00
ori.agmon
a3b80dc92d Improved vulnerability description for this hunter 2018-11-07 22:32:17 +02:00
ori.agmon
a3a7e33f9c Minor changes-> removed unused imports & small fixes 2018-11-07 22:32:17 +02:00
ori.agmon
2930167d78 Added apiserver hunter, would attempt to get the service account token and access the server api with it 2018-11-07 22:32:17 +02:00
ori.agmon
369e70ad6e Fixed the PR comments :-) 2018-11-07 22:32:17 +02:00
ori.agmon
72dfbdc34d Fixed the PR comments :-) 2018-11-07 22:32:17 +02:00
ori.agmon
c200fcc416 Improved unauthorized access false positive on edge case (where user is running using https & 127.0.0.1 & needed certificates) 2018-11-07 22:32:17 +02:00
ori.agmon
a67e6a57c3 Added evidence to the no auth event & tested it on a vulnerable remote cluster (and it worked!) 2018-11-07 22:32:17 +02:00
ori.agmon
5d6eea72f7 Updated the todos list 2018-11-07 22:32:17 +02:00
ori.agmon
5dbcdcedb7 Added categories to all vulnerabilities 2018-11-07 22:32:17 +02:00
ori.agmon
2da03d812d Fixed a small bug in the active hunter 2018-11-07 22:32:17 +02:00
ori.agmon
0299800cd2 Fixed a small bug in the active hunter 2018-11-07 22:32:17 +02:00
ori.agmon
730b19547b Fixed a small bug in the active hunter & passive hunter 2018-11-07 22:32:17 +02:00
ori.agmon
1d7120bfe1 Updated the TODOS list (Only 2 left!) 2018-11-07 22:32:17 +02:00
ori.agmon
5e42246773 Added some evidences to events & deleted unused code 2018-11-07 22:32:17 +02:00
ori.agmon
40213db654 I've Split the etcd hunters to hunting & discovery dirs 2018-11-07 22:32:17 +02:00
ori.agmon
9148d5273b Added init method to the etcd active hunter 2018-11-07 22:32:17 +02:00
ori.agmon
0a4c80cb09 Solved some exception bugs & did some refactoring to code & Added event & splited active & passive hunter 2018-11-07 22:32:17 +02:00
ori.agmon
e764d5f21b Solved some exception bugs & did some refactoring to code & Added event 2018-11-07 22:32:17 +02:00
ori.agmon
09c076c6a5 Solved some exception bugs & did some refactoring to code 2018-11-07 22:32:17 +02:00
ori.agmon
10e9a63e50 Added timeout for each request. 
Finished with some of the TODOS tasks (added logs).
Added another TODO task for this branch.
 2018-11-07 22:32:17 +02:00
ori.agmon
bca2f3614c Edited some of the etcd checking & added 2379 port checking 2018-11-07 22:32:17 +02:00
ori.agmon
242260b03e Added some remote access to etcd checks. 2018-11-07 22:32:17 +02:00
oriagmon
590ba9d3f2 Solved spacing conflict 2018-10-21 11:57:58 +03:00
oriagmon
54da07a73e Cleaned this branch to contain only updated secrets branch without locking 2018-10-21 11:23:30 +03:00
oriagmon
b37ebf0fee Removed note & added parentheses to a return statement condition 2018-10-17 10:44:34 +03:00
oriagmon
e501e9ee63 removed running main a few timees 2018-10-16 18:09:16 +03:00
oriagmon
568e96c2f4 merged with multi-threaded-bug 2018-10-16 17:18:36 +03:00
oriagmon
1b18825b5e Merge branch 'solve-multi-threading-bug' into access-secrets-hunter 2018-10-16 17:16:42 +03:00
ori.agmon
1883abaa23 Updated read me for devs so the mistake won't happen again 2018-10-16 17:12:42 +03:00