github/kube-hunter
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-hunter.git synced 2026-05-06 01:08:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
498 Commits 55 Branches 19 Tags
e69e591fab0a64bcc833f540fd683d177ee32481
Commit Graph

327 Commits

Author SHA1 Message Date
nshauli
ac7027dab6 1. Change hunter statistics to count vulnerabilities only. 
2. Add --statistics flag support.
3. Show hunter statistics only if --statistics was set.
4. Few infrastructure improvements.
 2019-05-20 21:32:52 +03:00
nshauli
b4df6b5298 Add support for hunters list as part of the reports. 
Each reported hunter includes name, description and number of events.
Add severity field to each vulnerability report.
 2019-05-14 12:44:30 +03:00
Liz Rice
4051fa708d Remove unused class 2019-03-20 11:57:46 +00:00
Liz Rice
fa99b4edd1 Remove unused class 2019-03-20 11:51:24 +00:00
Liz Rice
f10632f47e Merge branch 'master' into api-server-hunt-improvements 2019-03-18 17:58:12 +00:00
Liz Rice
71903ba942 Merge branch 'master' into fix-issue-99 2019-03-18 17:50:06 +00:00
Michael Cherny
c59b199a24 Removed unused variable 2019-03-11 00:56:24 +05:30
Liz Rice
1b849947fa Use a predicate and avoid a whole extra event 2019-03-08 16:27:52 +00:00
Michael Cherny
0c0a68883d Fix #98 - cvehunter now using service token discovered in hosts.py 
We use the token if available.
 2019-03-07 20:44:56 +02:00
Michael Cherny
1cd44832e6 Fixes #99 - pod local vulnerabilities are now reported as "Local to Pod" ( <pod name> ) 
Event  can now implement 'location()' method that return string representing  events logical location.
In events chain, the 'newest' event available location method will be used. This is because we compose (chain) events.
Core changed to support it.
Added 'location()' method to relevant event classes.
Reports are now using vulnerability.location() to retrieve location.
 2019-03-07 14:45:26 +02:00
Liz Rice
991214f8db Remove temp debugging 2019-03-05 10:05:01 +00:00
Weston Steimel
45d32be212 support for python3 
Signed-off-by: Weston Steimel <weston.steimel@gmail.com>
 2019-03-04 21:37:59 +00:00
Idan Revivo
b7222d26e7 cve info change 2019-03-04 17:05:17 +02:00
Liz Rice
0f3eac9a12 Didn’t end up basing the Active Hunter on the passive one 2019-03-04 14:07:53 +00:00
Liz Rice
7296805d58 Only create per-namespace objects if we have found namespaces 2019-03-04 13:47:49 +00:00
Liz Rice
93ab052e23 Tidy up a bit more 2019-03-04 13:06:23 +00:00
Liz Rice
e77f5fdcc8 Show in the report whether access was via service token or not 2019-03-04 12:35:57 +00:00
Idan Revivo
931e76f64d changed cve details 2019-03-04 13:48:20 +02:00
Liz Rice
dd1ed76dc1 Better names, descriptions and tests 
When you query for resources, you get the ones you’re entitled to see - it’s misleading to suggest you’re getting all of them
 2019-03-04 11:43:37 +00:00
Liz Rice
5c22ecdf3c Remove superfluous tests 
There is no need to check for pods or roles under a specific namespace (even the default one) because if we’re allowed to see them we’ll have found them through the wider check for viewing all items
 2019-03-04 11:27:14 +00:00
Liz Rice
5e69d3b307 Better tests for API discovery 2019-03-04 11:23:00 +00:00
Idan Revivo
5935e0ba96 changed checking all cves 2019-03-04 11:33:39 +02:00
Idan Revivo
1d258f7447 added support for new Vulnerability CVE-2019-1002100 2019-03-03 18:57:12 +02:00
Idan Revivo
c06b94f558 moved CVE_2018_1002105 to generic cvehunter 2019-03-03 18:53:35 +02:00
Liz Rice
50078c518e Slightly better names 2019-02-26 19:56:09 +08:00
Liz Rice
a3bd1b9ef2 Improvements to the API Server hunters 2019-02-26 19:51:50 +08:00
Liz Rice
1581355a93 Read all the service account secrets 2019-02-26 08:38:35 +00:00
Liz Rice
9e0456bb66 Function is no longer getting service account token 2019-02-26 00:50:26 +00:00
Liz Rice
ffc5508819 Use token as previously obtained 2019-02-26 00:50:26 +00:00
Liz Rice
ef7f856cac Move tests so they don’t get picked up by the regular executable 2019-02-26 00:36:53 +00:00
Liz Rice
23fd1830a2 Doesn't hurt to mark this as Master 2019-02-25 17:54:59 +00:00
Liz Rice
fe01598129 Correct secret location 2019-02-22 20:51:04 +00:00
Liz Rice
c1fc84ec5e Better test that reflects Kubernetes response 2019-02-22 20:43:57 +00:00
Liz Rice
014595e92b Remove commented out line 2019-02-22 20:43:56 +00:00
Liz Rice
c0b1169918 Only report API Servers that behave like Kubernetes API Servers 
This should stop my printer and home light server being reported
as Kubernetes API Servers when I scan my home network!
 2019-02-22 20:43:53 +00:00
Liz Rice
9bc0f3ec76 Add tests for host discovery 2019-02-22 16:14:02 +00:00
Liz Rice
f5440b7733 Merge branch 'master' into pod-remote 2019-02-22 15:43:47 +00:00
Liz Rice
4b1bf1801c Merge branch 'pod-remote' of github.com:aquasecurity/kube-hunter into pod-remote 2019-02-22 15:40:54 +00:00
Liz Rice
645195e799 Only do pod scan if we didn't specify an address 2019-02-22 15:40:29 +00:00
manish
607612866f resolved dependency issue of the json.py file, renamed it to json_reporter 2019-02-22 15:13:58 +01:00
Liz Rice
e6b577ade0 Merge branch 'master' into pod-remote 2019-02-22 11:09:45 +00:00
Liz Rice
dbd1449208 Merge branch 'master' into feature-json-reporter 2019-02-21 11:59:19 +00:00
Liz Rice
f11319766b Typo 2019-02-21 11:19:19 +00:00
maniish-jaiin
9d68679df0 renamed the function name and json_reporter to json 2019-02-21 11:18:30 +01:00
Liz Rice
e2b5f0f5a0 Remove deprecation warning 2019-02-20 17:39:33 +00:00
Liz Rice
1021aca65d Trigger HostScanEvent to scan remote or CIDR addresses 2019-02-20 17:16:32 +00:00
manish
4f9a362e6a created reporter for json format 2019-02-20 13:36:24 +01:00
Liz Rice
2f47fc835c Merge branch 'master' into lizrice-patch-4 2019-02-19 15:33:39 +00:00
Liz Rice
ae45814221 Update README.md 2019-02-19 15:24:47 +00:00
Liz Rice
ba224f150d Requests tests to support code changes 2019-02-19 13:12:14 +00:00