Commit Graph

399 Commits

Author SHA1 Message Date
Liz Rice
8d367d1aa0 Merge pull request #69 from FormationAI/formation
Add basic system:anonymous testing
2019-01-17 16:12:11 +00:00
Liz Rice
9b3529db0c D'oh 2019-01-17 16:05:47 +00:00
Liz Rice
985d76f8a6 Recent change moved service account token access
Should've really been part of merge
2019-01-17 15:51:40 +00:00
Liz Rice
880cd3781c Merge branch 'master' into formation 2019-01-17 15:06:45 +00:00
Liz Rice
e81a938e4f Merge pull request #76 from mcherny/fix-service-account-token-vuln
Fix: the pod service account token vulnerability 'Location' is wrong
2019-01-17 14:59:38 +00:00
Liz Rice
4f3f2dc1ef Merge branch 'master' into fix-service-account-token-vuln 2019-01-17 14:24:42 +00:00
Liz Rice
06218f3267 Create NOTICE 2019-01-14 15:12:24 +00:00
Michael Cherny
a16dfa5f1c Fix: the pod service account token vulnerability 'Location' is wrong
The vulnerability reported with location of API server. Moved the vulnerability discovery to 'secrets' hunter.
2019-01-14 09:50:05 +02:00
Nick Hibberd
eb462086e0 Only guard 'publish_event(ServiceAccountTokenAccess(..))' with needing the service account 2019-01-06 16:53:23 -08:00
Liz Rice
4c14d8b78d Merge pull request #74 from mcherny/refacture-from-pod
Refactor host discovery code to explicitly split discovery from outside cluster and discovery from pod.
2019-01-04 11:26:49 +00:00
Liz Rice
f5a0ae0990 Minor changes to comments 2019-01-04 11:25:04 +00:00
Liz Rice
2ef0ac9479 Tiny typo 2019-01-04 11:10:44 +00:00
Liz Rice
3a5c1376a1 Merge pull request #73 from mcherny/misha-fix-in-azure-from-pod
Add '--quick' option to kube-hunter command line arguments
2019-01-03 16:50:44 +00:00
Michael Cherny
545c603a5f Refactor host discovery to explicitly split discovery from outside cluster and discovery from pod.
Now depending on '--pod' flag scan starts with either HostScanEvent or RunningAsPodEvent.
2018-12-27 19:59:58 +02:00
Michael Cherny
a7dd3a505c Add '--quick' option to kube-hunter command line arguments
It was used but not implemented, causing from pod scanning in Azure not to work.
2018-12-27 15:10:59 +02:00
Liz Rice
263ba5e203 Merge pull request #72 from mcherny/misha-dockerfile-quick-rebuild
Make rebuilding kube-hunter image after code changes quick
2018-12-26 17:40:56 +00:00
Michael Cherny
e854d92eef Make rebuilding kube-hunter image after code changes quick
Somewhat dirty (perhaps there is a better multi-stage build solution). First copy requirements.txt only and install all dependencies. Then copy all kube-hunter new code. This way only latest layer changing on code changes and all previous can be brought from cache.
2018-12-23 14:47:22 +02:00
Nick Hibberd
7a85962a0d Add basic system:anonymous testing 2018-12-10 13:48:59 -08:00
Liz Rice
16ff0afba4 CVE-2018-10020105 reported too often (#68)
* Reporting CVE-2018-1002106 over-enthusiastically

* Oops
2018-12-06 22:23:06 +02:00
Ori Agmon
3836a8f8c4 Shallow detection cve 2018 1002105 (#67)
* added the CVE hunter, haven't checked the hunter yet

* fixed illegal name for import file

* Completed & Tested

* subnet scan

* Updated description

* Updated description

* Updated description
2018-12-06 00:47:16 +02:00
Ori Agmon
22a9a16631 Shallow detection cve 2018 1002105 (#66)
* added the CVE hunter, haven't checked the hunter yet

* fixed illegal name for import file

* Completed & Tested

* subnet scan
2018-12-06 00:30:31 +02:00
Ori Agmon
cb0164edd1 Shallow detection cve 2018 1002105 (#65)
* added the CVE hunter, haven't checked the hunter yet

* fixed illegal name for import file

* Completed & Tested
2018-12-05 23:30:45 +02:00
Liz Rice
c3d51d530a Merge pull request #60 from aquasecurity/more-service-account-token-hunters
More service account token hunters
2018-12-04 14:16:03 +01:00
Liz Rice
8e51c5e501 Merge branch 'master' into more-service-account-token-hunters 2018-12-04 14:12:16 +01:00
Liz Rice
e793a0ff2a Merge pull request #62 from aquasecurity/adding_more_comments
Adding more comments
2018-12-04 14:11:14 +01:00
Liz Rice
03bd8ee637 Merge pull request #63 from aquasecurity/fixed_no_cluster_find_when_0vulns
Fixed bug cluster did not find when no vulns are found
2018-12-04 14:11:00 +01:00
oriagmon
b26121fb6c Fixed bug:
- Kube Hunter did not find any cluster when 0 vulnerabilities found
2018-12-04 14:14:23 +02:00
oriagmon
32fee9a0a9 Minor typo 2018-12-03 20:27:47 +02:00
oriagmon
205d25df5d etcd commenting & secrets commenting 2018-12-03 20:24:51 +02:00
oriagmon
3d263382e9 etcd commenting 2018-12-03 20:15:36 +02:00
Ori Agmon
51e00e480c Merge branch 'master' into more-service-account-token-hunters 2018-11-07 23:44:16 +02:00
oriagmon
5dd70aaa6e Reset repo before the commit of split the hunters 2018-11-07 23:38:18 +02:00
oriagmon
e91b2590d5 Fixed more PR comment (ascii encode) 2018-11-07 22:32:20 +02:00
oriagmon
cebba76866 Minor 2018-11-07 22:32:20 +02:00
Liz Rice
3ff8fda30e Typos & text changes 2018-11-07 22:32:20 +02:00
Liz Rice
665956d441 Minor typo 2018-11-07 22:32:20 +02:00
oriagmon
afce211c4e Finished with Most of the pr fixes 2018-11-07 22:32:20 +02:00
oriagmon
c41d66a78c Added & Tested Create A Privileged Pod method 2018-11-07 22:32:20 +02:00
oriagmon
d53cb9ca38 Minor: Forgot to add more accurate event categories 2018-11-07 22:32:20 +02:00
oriagmon
f9aa8254fd Finished & Tested:-) 2018-11-07 22:32:20 +02:00
oriagmon
cd8a95e3f8 Added required class event for delete namespace 2018-11-07 22:32:20 +02:00
oriagmon
5170686d1b Removed testing code, improved comments.
This hunter was fully tested and it fully worked.
I have added another method to delete a namespace, once I test it it would be ready for a PR!
2018-11-07 22:32:20 +02:00
oriagmon
08ff6c3bfe Improved evidences 2018-11-07 22:32:20 +02:00
oriagmon
376167b047 Fixed patching methods 2018-11-07 22:32:20 +02:00
oriagmon
32322d68b0 Fixed roles & cluster roles creation & deletion bug.
just have to fix the patching api calls now
2018-11-07 22:32:20 +02:00
oriagmon
81e54b334d Fixed roles & cluster roles creation & deletion bug.
just have to fix the patching api calls now :D
2018-11-07 22:32:20 +02:00
oriagmon
8dae387e6b Commented the pod api calls, so it would be easier to test 2018-11-07 22:32:20 +02:00
oriagmon
75a813ce6f Only the pod patching and the roles & cluster roles api calls are left to test!! 2018-11-07 22:32:20 +02:00
oriagmon
38320d2190 WIP, Got to go :)
Only have to finish testing the *active hunters'
2018-11-07 22:32:20 +02:00
oriagmon
3ffe2a93d2 Fixed formatted json string 2018-11-07 22:32:20 +02:00