* removed arp and dns hunters usage due to its violations of the scapy GPL2 license
* added installation of arp and dns hunters to Dockerfile
* added explicit new version to plugins in dockerfile installation
* ignore B020 flake8
* added partial and partial-names flag. mechanism for whitelisting hunter subscription for custom hunts
* changed name from partial to custom
* ran black to format
* flake8 formatting
* added documentation in readme for Custom hunting and made Advanced Usage a higher level topic
* added Collector, StartedInfo and SendFullReport to the core_hunters
* changed old name class-names to raw-hunter-names
* fixed bug in import loop
* Added documentation about differences between vulnerabilities and the attack matrix techniques
* moved docs to start of README, also created MITRE image, showing covered areas of kube-hunter
* fixed link in readme
* Refactored all categories to the new MITRE attack matrix format
* Changed format of vulnerabilities table to display the mitre technique related to the vulnerability
* added service account token flag to use in hunting
* added flag to main parsing config creation
* fixed linting issues
* added documentation on the service-account-token flag
* minor readme change
* removed redundant call for /pods again from /var/log mount hunter, by using multiple subscription
* fixed new linting
* fixed linting with exceptions
* Add a new dependency on Kubernetes package
* Add and store a new flag about automatic nodes discovery from a pod
* Implement the listing of nodes
* Add tests to cover the k8s node listing
* Fix the k8s listing test to ensure the load incluster function is actually called
* Add more help to the k8s node discovery flags, and cross-reference them.
* Add a note on the Kubernetes auto-discovery in the main README file
* Move the kubernetes discovery from conf to modules/discovery
* When running with --pods, run the Kubernetes auto discovery
* Also mention that the auto discovery is always on when using --pod
Co-authored-by: Mikolaj Pawlikowski <mpawlikowsk1@bloomberg.net>
* Add multiple subscription mechanism
* PR: address comments
* improved implementation, solved a couple of bugs, added documentation to almost the whole backend process
* added corresponding tests to the new method of the multiple subscription
* fixed linting issue
* fixed linting #2
Co-authored-by: Raito Bezarius <masterancpp@gmail.com>
* removed false negative in AzureSpnHunter when /run is disabled
* changed to use direct imported class
* fixed multiple bugs in azure spn hunting, and improved efficiency
* fixed bug in cloud identification. TODO: remove the outsourcing for cloud provider
* removed unused config variable
* fixed tests to use already parsed pods as the given previous event has changed
* changed ubuntu to an older version, for compatibility reasons with glibc on pyinstaller steps and added a step to parse the release tag
* removed parsing of release tag
* changed flow name
* removed 'release' from the release name
* changed link to point to avd
* changed kb_links to be on base report module. and updated to point to avd. now json output returns the full avd url to the vulnerability
* switched to adding a new avd_reference instead of changing the VID
* added newline to fix linting