github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-13 20:57:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
94 Commits 55 Branches 19 Tags
df07aa201740d31e1a9dd042e0d8236cb1db330f
Commit Graph

43 Commits

Author SHA1 Message Date
daniel_sagi
174d93804c added minimal dashboard hunting 2018-07-19 14:42:50 +03:00
daniel_sagi
45ab93fc26 minor changes to readme, added categories to vulnerabilities 2018-07-18 19:40:56 +03:00
daniel_sagi
be8895423e minor changes in certificate hunting to match design pattern 2018-07-18 11:55:57 +03:00
daniel_sagi
0668079b30 Merge branch 'master' of bitbucket.org:scalock/kube-hunter 2018-07-18 11:37:53 +03:00
daniel_sagi
3d1c659233 fixed bug in discovery of secured kubelet api 2018-07-18 11:28:37 +03:00
daniel_sagi
da21dfa167 added passive evidences on some vulnerabilities 2018-07-18 11:28:05 +03:00
Shir
7c772e0f3b Nice ascii view instead of the not-that-pretty table 2018-07-17 20:54:57 +03:00
daniel_sagi
185f89d07f fixed pods vuln 2018-07-17 19:06:03 +03:00
daniel_sagi
67d05bccf5 removed commands on passive 2018-07-17 17:05:50 +03:00
daniel_sagi
31d7c1e754 sperated default report (tables and logging) from the the report being sent to aqua, to seperate modules. also added two core events: HuntStarted and HuntFinished. for reporters to listen to 
Also changed default of tables for prinring evidence
 2018-07-17 15:45:07 +03:00
daniel_sagi
4d599cda50 added classification for certificate hunting 2018-07-15 14:17:44 +03:00
daniel_sagi
5cb8889d16 Merge remote-tracking branch 'origin/liz' 2018-07-15 13:23:08 +03:00
daniel_sagi
0619eb06e2 changed existing vulnerabilities to specify categories, and changed a bit of their description 2018-07-15 13:17:42 +03:00
daniel_sagi
d0a7163221 advanced discovery of proxy 2018-07-15 13:15:59 +03:00
daniel_sagi
a89f8d1f29 added categories for vulnerabilities. From now on, all vulnerabilities should be classified with a category 2018-07-15 13:14:48 +03:00
daniel_sagi
94790be334 added execption handling wraping on all hooks on execution 2018-07-15 13:12:48 +03:00
Liz Rice
b0b8ba9a5e Description tweaks 2018-07-13 13:22:55 -04:00
Liz Rice
5e3ffcc7af Hunt for email addresses in certificates 2018-07-13 13:22:01 -04:00
Liz Rice
6c103847a2 Error handling so that we can run locally without needing a network connection 
Allows user to test with a kubernetes cluster on a local VM on their laptop, for example when on a plane :-)
 2018-07-13 10:44:05 -04:00
Liz Rice
e3b21d1d64 Don't stack trace if we can't access the internet 2018-07-13 10:10:29 -04:00
Liz Rice
70192f272e Typos and minor README corrections 2018-07-13 09:58:21 -04:00
daniel_sagi
e16bc40fb7 minor services description improvements 2018-07-04 15:08:51 +03:00
daniel_sagi
05bea207fd bug fix: default secure value for services changed from False to True 2018-07-04 12:36:41 +03:00
daniel_sagi
23c03afc02 added interactive choosing of scanning options 2018-07-02 16:20:14 +03:00
daniel_sagi
464e7aad1f Added exception handling and improved help 2018-06-21 13:45:19 +03:00
daniel_sagi
8c6712f378 1. Changed report methods and renamed "log" module to "", added another report generation in a new json format 
2. started to add the --token option to send the finished report.
3. changed a bit of kubelet vulnerability output architecture to match out conventions.
4. added healthz check on kubelets
 2018-06-20 12:09:40 +03:00
daniel_sagi
2b690056b0 Fixed type in privileged, also moved Components to core.types 2018-06-19 11:07:18 +03:00
daniel_sagi
dc830b1281 changed README 2018-06-18 16:42:50 +03:00
daniel_sagi
808ccdb1b5 added src README 2018-06-18 16:26:49 +03:00
daniel_sagi
fac667552e added cidr option, also added a while true when running on a pod, to halt for seeing results before restart 2018-06-17 19:01:23 +03:00
daniel_sagi
f3b9b5200f added requirements.txt 2018-06-12 16:55:22 +03:00
daniel_sagi
73a4e83781 Added checks on api responses before json.loads, added a quick scanning option, to scan part of the subnet 2018-06-12 14:30:28 +03:00
daniel_sagi
c52e684272 removed passing of active attribute to results printing 2018-06-12 13:16:35 +03:00
daniel_sagi
e4c9beb653 added prove of running pods 2018-06-12 12:57:29 +03:00
daniel_sagi
3f174364f7 Added cloud identifiering for each type of host scan, using azurespeed. Now AzuerSpn hunting will be triggered only if the host is an azure cluster. using predicate, and the new 'cloud' attribute 2018-06-12 12:10:59 +03:00
daniel_sagi
973c2a25a0 changed output results table format, added AzureMetadata vulnerability on discovery 2018-06-11 20:02:25 +03:00
daniel_sagi
7e939b4544 finished aks spn hunting 2018-06-11 18:44:54 +03:00
daniel_sagi
548ae7e486 changed evidence of priviledged containers, also added casting to str in reporter 2018-06-11 18:28:01 +03:00
daniel_sagi
9bb835edd3 added azure spn subscription hunting 2018-06-11 18:26:58 +03:00
daniel_sagi
838be65967 Added proves for vulnerabilities, added 'evidence' field for every vulnerability to be filled be provers(mostly ActiveHunters) 2018-06-11 18:01:54 +03:00
daniel_sagi
75393da91a simplified kubelet open handlers hunting and types 2018-06-11 14:26:09 +03:00
daniel_sagi
01c4aac105 Active hunting is now available by inheriting from ActiveHunter. the hunter wil subscribe only if the --active flag was set. 
1. Removed scanning configuration from events, from now on, scanning config is accessed from the main module
2. Moved core types to a "toplevel" file
 2018-06-11 12:39:11 +03:00
daniel_sagi
a2e37927bd changed directory tree of all modules and packages, for easing on future implementations and extensions 2018-06-10 20:09:09 +03:00