github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-11 11:47:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
279 Commits 55 Branches 19 Tags
c336a2a23ea2f51006ccd99474a8c14a050d7b3e
Commit Graph

154 Commits

Author SHA1 Message Date
oriagmon
c336a2a23e Added two hunters attempting to exploit authorized pod RBAC configurations 2018-11-07 22:32:19 +02:00
oriagmon
93d9db658e Listen on port 443 as well now. 2018-11-07 22:32:19 +02:00
ori.agmon
7a006ef51e Fixed PR comment: Added proper exception handling. 
Added logging for this hunter.
 2018-11-07 22:32:19 +02:00
ori.agmon
ad5a4eba86 Improved vulnerability description for this hunter 2018-11-07 22:32:19 +02:00
ori.agmon
d4d1751d3e Minor changes-> removed unused imports & small fixes 2018-11-07 22:32:19 +02:00
ori.agmon
b74225e027 Added apiserver hunter, would attempt to get the service account token and access the server api with it 2018-11-07 22:32:19 +02:00
oriagmon
458381fb2d Fixed more PR comment (ascii encode) 2018-11-07 22:32:19 +02:00
oriagmon
2a3764e097 Minor 2018-11-07 22:32:19 +02:00
oriagmon
14db8edd39 Finished with Most of the pr fixes 2018-11-07 22:32:19 +02:00
Liz Rice
7502b10005 Typos & text changes 2018-11-07 22:32:19 +02:00
Liz Rice
1762b2fbd4 Minor typo 2018-11-07 22:32:19 +02:00
oriagmon
2264754908 Added & Tested Create A Privileged Pod method 2018-11-07 22:32:19 +02:00
oriagmon
03c21fe62f Minor: Forgot to add more accurate event categories 2018-11-07 22:32:19 +02:00
oriagmon
ab3d429672 Finished & Tested:-) 2018-11-07 22:32:19 +02:00
oriagmon
5e1799f294 Added required class event for delete namespace 2018-11-07 22:32:19 +02:00
oriagmon
da02a5df9e Removed testing code, improved comments. 
This hunter was fully tested and it fully worked.
I have added another method to delete a namespace, once I test it it would be ready for a PR!
 2018-11-07 22:32:18 +02:00
oriagmon
33544c2e84 Improved evidences 2018-11-07 22:32:18 +02:00
oriagmon
204650b8eb Fixed patching methods 2018-11-07 22:32:18 +02:00
oriagmon
5c8ed31b50 Fixed roles & cluster roles creation & deletion bug. 
just have to fixed the patching api calls now
 2018-11-07 22:32:18 +02:00
oriagmon
00941fc5a9 Fixed roles & cluster roles creation & deletion bug. 
just have to fixed the patching api calls now :D
 2018-11-07 22:32:18 +02:00
oriagmon
f659849f67 Commented the pod api calls, so it would be easier to test 2018-11-07 22:32:18 +02:00
oriagmon
9456f2a355 Only the pod patching and the roles & cluster roles api calls are left to test!! 2018-11-07 22:32:18 +02:00
oriagmon
735f5b77dd WIP, Got to go :) 
Only have to finish testing the *active hunters'
 2018-11-07 22:32:18 +02:00
oriagmon
ab9505a226 Fixed formated json string 2018-11-07 22:32:18 +02:00
oriagmon
5139b21261 Generated random string as resource names 2018-11-07 22:32:18 +02:00
oriagmon
09b32d1ecd Some triggering fixes & active hunter bugs 2018-11-07 22:32:18 +02:00
oriagmon
65b821cc01 Remove irrelevant comments 2018-11-07 22:32:18 +02:00
oriagmon
f89690cd8c Removed unused variables 2018-11-07 22:32:18 +02:00
oriagmon
1bf1598de0 Passive hunters are finished! just have to test them on non admin pod too 2018-11-07 22:32:18 +02:00
oriagmon
0bc92c255b Parsed response str to dictionary on all methods, working on numbers values too now 2018-11-07 22:32:18 +02:00
oriagmon
d704d9e117 Parsed response str to dictionary 2018-11-07 22:32:18 +02:00
oriagmon
8a14de9454 Fixed some minor errors in passive hunter & used more of the active hunter methods 2018-11-07 22:32:18 +02:00
oriagmon
e60d44b5ae Finish Implemented hunters & moved some active hunters to passive hunter. 2018-11-07 22:32:18 +02:00
oriagmon
e8eb192b35 WIP, time to fix PR on another branch 2018-11-07 22:32:18 +02:00
oriagmon
d7e2ac9dc7 WIP, but have to go now: 
(1)Tested manually most of the methods! (2) Published most of events. (3) Added TODOs.
 2018-11-07 22:32:18 +02:00
oriagmon
830c42b76e Added corresponding events & descriptions for the new methods 2018-11-07 22:32:18 +02:00
oriagmon
889ea7316c Manually tested requests and changed some methods! 2018-11-07 22:32:18 +02:00
oriagmon
9ae772eeaa Improved todo, Added all api calls to API server, we have to test & modify them (when needed) 2018-11-07 22:32:18 +02:00
oriagmon
47aa4c40bb minor Typo 2018-11-07 22:32:18 +02:00
oriagmon
16a6590f5e Added all the rest of the api calls to the API server and specified algorithm in words 2018-11-07 22:32:18 +02:00
oriagmon
d1c59fb982 I didn't Finish that hunter yet ( a todo is detailed on my Trello). 2018-11-07 22:32:18 +02:00
oriagmon
1c324a3f2a Finish that hunter (detailed on my Trello). 2018-11-07 22:32:18 +02:00
oriagmon
b95feebcba Added a lot of active hunters, using different API Server methods to publish all relevant events from a compromised pod 2018-11-07 22:32:18 +02:00
oriagmon
eaa0d8e8e0 Added two hunters attempting to exploit authorized pod RBAC configurations 2018-11-07 22:32:17 +02:00
oriagmon
5a790b1ece Listen on port 443 as well now. 2018-11-07 22:32:17 +02:00
ori.agmon
359b766e17 Fixed PR comment: Added proper exception handling. 
Added logging for this hunter.
 2018-11-07 22:32:17 +02:00
ori.agmon
a3b80dc92d Improved vulnerability description for this hunter 2018-11-07 22:32:17 +02:00
ori.agmon
a3a7e33f9c Minor changes-> removed unused imports & small fixes 2018-11-07 22:32:17 +02:00
ori.agmon
2930167d78 Added apiserver hunter, would attempt to get the service account token and access the server api with it 2018-11-07 22:32:17 +02:00
ori.agmon
369e70ad6e Fixed the PR comments :-) 2018-11-07 22:32:17 +02:00