fixed tests to use already parsed pods as the given previous event has changed

.github/PULL_REQUEST_TEMPLATE.md

@@ -7,7 +7,7 @@
 Please include a summary of the change and which issue is fixed. Also include relevant motivation and context. List any dependencies that are required for this change.
 
 ## Contribution Guidelines
-Please Read through the [Contribution Guidelines](https://github.com/aquasecurity/kube-hunter/blob/main/CONTRIBUTING.md).
+Please Read through the [Contribution Guidelines](https://github.com/aquasecurity/kube-hunter/blob/master/CONTRIBUTING.md).
 
 ## Fixed Issues
 

.github/workflows/lint.yml

@@ -1,4 +1,3 @@
----
 name: Lint
 
 on: [push, pull_request]
@@ -11,4 +10,3 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions/setup-python@v2
       - uses: pre-commit/action@v2.0.0
-      - uses: ibiqlik/action-yamllint@v3

.github/workflows/publish.yml

@@ -1,65 +0,0 @@
----
-name: Publish
-on:
-  push:
-    tags:
-      - "v*"
-env:
-  ALIAS: aquasecurity
-  REP: kube-hunter
-jobs:
-  publish:
-    name: Publish
-    runs-on: ubuntu-18.04
-    steps:
-      - name: Check Out Repo
-        uses: actions/checkout@v2
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
-      - name: Set up Docker Buildx
-        id: buildx
-        uses: docker/setup-buildx-action@v1
-      - name: Cache Docker layers
-        uses: actions/cache@v2
-        with:
-          path: /tmp/.buildx-cache
-          key: ${{ runner.os }}-buildxarch-${{ github.sha }}
-          restore-keys: |
-            ${{ runner.os }}-buildxarch-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKERHUB_USER }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: Login to ECR
-        uses: docker/login-action@v1
-        with:
-          registry: public.ecr.aws
-          username: ${{ secrets.ECR_ACCESS_KEY_ID }}
-          password: ${{ secrets.ECR_SECRET_ACCESS_KEY }}
-      - name: Get version
-        id: get_version
-        uses: crazy-max/ghaction-docker-meta@v1
-        with:
-          images: ${{ env.REP }}
-          tag-semver: |
-            {{version}}
-
-      - name: Build and push - Docker/ECR
-        id: docker_build
-        uses: docker/build-push-action@v2
-        with:
-          context: .
-          platforms: linux/amd64
-          builder: ${{ steps.buildx.outputs.name }}
-          push: true
-          tags: |
-            ${{ secrets.DOCKERHUB_USER }}/${{ env.REP }}:${{ steps.get_version.outputs.version }}
-            public.ecr.aws/${{ env.ALIAS }}/${{ env.REP }}:${{ steps.get_version.outputs.version }}
-            ${{ secrets.DOCKERHUB_USER }}/${{ env.REP }}:latest
-            public.ecr.aws/${{ env.ALIAS }}/${{ env.REP }}:latest
-          cache-from: type=local,src=/tmp/.buildx-cache/release
-          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache/release
-
-      - name: Image digest
-        run: echo ${{ steps.docker_build.outputs.digest }}

.github/workflows/release.yml

@@ -1,16 +1,15 @@
----
 on:
   push:
     # Sequence of patterns matched against refs/tags
     tags:
-      - 'v*'  # Push events to matching v*, i.e. v1.0, v20.15.10
-
-name: Release
+    - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10
+    
+name: Upload Release Asset
 
 jobs:
   build:
     name: Upload Release Asset
-    runs-on: ubuntu-16.04
+    runs-on: ubuntu-latest
     steps:
       - name: Checkout code
         uses: actions/checkout@v2
@@ -19,17 +18,17 @@ jobs:
         uses: actions/setup-python@v2
         with:
           python-version: '3.9'
-
+      
       - name: Install dependencies
         run: |
           python -m pip install -U pip
           python -m pip install -r requirements-dev.txt
-
+      
       - name: Build project
         shell: bash
         run: |
           make pyinstaller
-
+      
       - name: Create Release
         id: create_release
         uses: actions/create-release@v1
@@ -37,12 +36,12 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           tag_name: ${{ github.ref }}
-          release_name: ${{ github.ref }}
+          release_name: Release ${{ github.ref }}
           draft: false
           prerelease: false
-
+          
       - name: Upload Release Asset
-        id: upload-release-asset
+        id: upload-release-asset 
         uses: actions/upload-release-asset@v1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -50,4 +49,4 @@ jobs:
           upload_url: ${{ steps.create_release.outputs.upload_url }}
           asset_path: ./dist/kube-hunter
           asset_name: kube-hunter-linux-x86_64-${{ github.ref }}
-          asset_content_type: application/octet-stream
+          asset_content_type: application/octet-stream

.github/workflows/test.yml

@@ -1,4 +1,3 @@
----
 name: Test
 
 on: [push, pull_request]

.pre-commit-config.yaml

@@ -1,11 +1,10 @@
----
 repos:
-  - repo: https://github.com/psf/black
-    rev: stable
-    hooks:
-      - id: black
-  - repo: https://gitlab.com/pycqa/flake8
-    rev: 3.7.9
-    hooks:
-      - id: flake8
-        additional_dependencies: [flake8-bugbear]
+- repo: https://github.com/psf/black
+  rev: stable
+  hooks:
+  - id: black
+- repo: https://gitlab.com/pycqa/flake8
+  rev: 3.7.9
+  hooks:
+    - id: flake8
+      additional_dependencies: [flake8-bugbear]

.yamllint

@@ -1,6 +0,0 @@
----
-extends: default
-
-rules:
-  line-length: disable
-  truthy: disable

README.md

@@ -1,18 +1,12 @@
-![kube-hunter](https://github.com/aquasecurity/kube-hunter/blob/main/kube-hunter.png)
+![kube-hunter](https://github.com/aquasecurity/kube-hunter/blob/master/kube-hunter.png)
 
-[![GitHub Release][release-img]][release]
-![Downloads][download]
-![Docker Pulls][docker-pull]
 [![Build Status](https://github.com/aquasecurity/kube-hunter/workflows/Test/badge.svg)](https://github.com/aquasecurity/kube-hunter/actions)
-[![codecov](https://codecov.io/gh/aquasecurity/kube-hunter/branch/main/graph/badge.svg)](https://codecov.io/gh/aquasecurity/kube-hunter)
+[![codecov](https://codecov.io/gh/aquasecurity/kube-hunter/branch/master/graph/badge.svg)](https://codecov.io/gh/aquasecurity/kube-hunter)
 [![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
-[![License](https://img.shields.io/github/license/aquasecurity/kube-hunter)](https://github.com/aquasecurity/kube-hunter/blob/main/LICENSE)
+[![License](https://img.shields.io/github/license/aquasecurity/kube-hunter)](https://github.com/aquasecurity/kube-hunter/blob/master/LICENSE)
 [![Docker image](https://images.microbadger.com/badges/image/aquasec/kube-hunter.svg)](https://microbadger.com/images/aquasec/kube-hunter "Get your own image badge on microbadger.com")
 
-[download]: https://img.shields.io/github/downloads/aquasecurity/kube-hunter/total?logo=github
-[release-img]: https://img.shields.io/github/release/aquasecurity/kube-hunter.svg?logo=github
-[release]: https://github.com/aquasecurity/kube-hunter/releases
-[docker-pull]: https://img.shields.io/docker/pulls/aquasec/kube-hunter?logo=docker&label=docker%20pulls%20%2F%20kube-hunter
+
 
 kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. **You should NOT run kube-hunter on a Kubernetes cluster that you don't own!**
 
@@ -20,9 +14,9 @@ kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was d
 
 **Explore vulnerabilities**: The kube-hunter knowledge base includes articles about discoverable vulnerabilities and issues. When kube-hunter reports an issue, it will show its VID (Vulnerability ID) so you can look it up in the KB at https://aquasecurity.github.io/kube-hunter/
 
-**Contribute**: We welcome contributions, especially new hunter modules that perform additional tests. If you would like to develop your modules please read [Guidelines For Developing Your First kube-hunter Module](https://github.com/aquasecurity/kube-hunter/blob/main/CONTRIBUTING.md).
+**Contribute**: We welcome contributions, especially new hunter modules that perform additional tests. If you would like to develop your modules please read [Guidelines For Developing Your First kube-hunter Module](https://github.com/aquasecurity/kube-hunter/blob/master/CONTRIBUTING.md).
 
-[![kube-hunter demo video](https://github.com/aquasecurity/kube-hunter/blob/main/kube-hunter-screenshot.png)](https://youtu.be/s2-6rTkH8a8?t=57s)
+[![kube-hunter demo video](https://github.com/aquasecurity/kube-hunter/blob/master/kube-hunter-screenshot.png)](https://youtu.be/s2-6rTkH8a8?t=57s)
 
 Table of Contents
 =================
@@ -35,7 +29,6 @@ Table of Contents
    * [Nodes Mapping](#nodes-mapping)
    * [Output](#output)
    * [Dispatching](#dispatching)
-   * [Advanced Usage](#advanced-usage)
 * [Deployment](#deployment)
    * [On Machine](#on-machine)
       * [Prerequisites](#prerequisites)
@@ -115,11 +108,6 @@ Available dispatch methods are:
     * KUBEHUNTER_HTTP_DISPATCH_URL (defaults to: https://localhost)
     * KUBEHUNTER_HTTP_DISPATCH_METHOD (defaults to: POST)
 
-### Advanced Usage 
-#### Azure Quick Scanning 
-When running **as a Pod in an Azure environment**, kube-hunter will fetch subnets from the Instance Metadata Service. Naturally this makes the discovery process take longer.
-To hardlimit subnet scanning to a `/24` CIDR, use the `--quick` option. 
-
 ## Deployment
 There are three methods for deploying kube-hunter:
 
@@ -188,7 +176,7 @@ The example `job.yaml` file defines a Job that will run kube-hunter in a pod, us
 * View the test results with `kubectl logs <pod name>`
 
 ## Contribution 
-To read the contribution guidelines, <a href="https://github.com/aquasecurity/kube-hunter/blob/main/CONTRIBUTING.md"> Click here </a>
+To read the contribution guidelines, <a href="https://github.com/aquasecurity/kube-hunter/blob/master/CONTRIBUTING.md"> Click here </a>
 
 ## License
-This repository is available under the [Apache License 2.0](https://github.com/aquasecurity/kube-hunter/blob/main/LICENSE).
+This repository is available under the [Apache License 2.0](https://github.com/aquasecurity/kube-hunter/blob/master/LICENSE).

SECURITY.md

@@ -1,17 +0,0 @@
-# Security Policy
-
-## Supported Versions
-
-| Version   | Supported          |
-| --------- | ------------------ |
-| 0.4.x | :white_check_mark: |
-| 0.3.x   | :white_check_mark: |
-
-## Reporting a Vulnerability
-We encourage you to find vulnerabilities in kube-hunter.
-The process is simple, just report a Bug issue. and we will take a look at this.
-If you prefer to disclose privately, you can write to one of the security maintainers at:
-
-| Name        | Email              |
-| ----------- | ------------------ |
-| Daniel Sagi | daniel.sagi@aquasec.com |

docs/Gemfile.lock

@@ -1,12 +1,11 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (6.0.3.4)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
+    activesupport (4.2.11.1)
+      i18n (~> 0.7)
       minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
-      zeitwerk (~> 2.2, >= 2.2.2)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     coffee-script (2.4.1)
@@ -16,67 +15,65 @@ GEM
     colorator (1.1.0)
     commonmarker (0.17.13)
       ruby-enum (~> 0.5)
-    concurrent-ruby (1.1.7)
-    dnsruby (1.61.5)
-      simpleidn (~> 0.1)
-    em-websocket (0.5.2)
+    concurrent-ruby (1.1.5)
+    dnsruby (1.61.3)
+      addressable (~> 2.5)
+    em-websocket (0.5.1)
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0.6.0)
     ethon (0.12.0)
       ffi (>= 1.3.0)
     eventmachine (1.2.7)
     execjs (2.7.0)
-    faraday (1.3.0)
-      faraday-net_http (~> 1.0)
+    faraday (0.17.0)
       multipart-post (>= 1.2, < 3)
-      ruby2_keywords
-    faraday-net_http (1.0.1)
-    ffi (1.14.2)
+    ffi (1.11.1)
     forwardable-extended (2.6.0)
     gemoji (3.0.1)
-    github-pages (209)
+    github-pages (201)
+      activesupport (= 4.2.11.1)
       github-pages-health-check (= 1.16.1)
-      jekyll (= 3.9.0)
-      jekyll-avatar (= 0.7.0)
+      jekyll (= 3.8.5)
+      jekyll-avatar (= 0.6.0)
       jekyll-coffeescript (= 1.1.1)
       jekyll-commonmark-ghpages (= 0.1.6)
       jekyll-default-layout (= 0.1.4)
-      jekyll-feed (= 0.15.1)
+      jekyll-feed (= 0.11.0)
       jekyll-gist (= 1.5.0)
-      jekyll-github-metadata (= 2.13.0)
-      jekyll-mentions (= 1.6.0)
-      jekyll-optional-front-matter (= 0.3.2)
+      jekyll-github-metadata (= 2.12.1)
+      jekyll-mentions (= 1.4.1)
+      jekyll-optional-front-matter (= 0.3.0)
       jekyll-paginate (= 1.1.0)
-      jekyll-readme-index (= 0.3.0)
-      jekyll-redirect-from (= 0.16.0)
-      jekyll-relative-links (= 0.6.1)
-      jekyll-remote-theme (= 0.4.2)
+      jekyll-readme-index (= 0.2.0)
+      jekyll-redirect-from (= 0.14.0)
+      jekyll-relative-links (= 0.6.0)
+      jekyll-remote-theme (= 0.4.0)
       jekyll-sass-converter (= 1.5.2)
-      jekyll-seo-tag (= 2.6.1)
-      jekyll-sitemap (= 1.4.0)
-      jekyll-swiss (= 1.0.0)
+      jekyll-seo-tag (= 2.5.0)
+      jekyll-sitemap (= 1.2.0)
+      jekyll-swiss (= 0.4.0)
       jekyll-theme-architect (= 0.1.1)
       jekyll-theme-cayman (= 0.1.1)
       jekyll-theme-dinky (= 0.1.1)
-      jekyll-theme-hacker (= 0.1.2)
+      jekyll-theme-hacker (= 0.1.1)
       jekyll-theme-leap-day (= 0.1.1)
       jekyll-theme-merlot (= 0.1.1)
       jekyll-theme-midnight (= 0.1.1)
       jekyll-theme-minimal (= 0.1.1)
       jekyll-theme-modernist (= 0.1.1)
-      jekyll-theme-primer (= 0.5.4)
+      jekyll-theme-primer (= 0.5.3)
       jekyll-theme-slate (= 0.1.1)
       jekyll-theme-tactile (= 0.1.1)
       jekyll-theme-time-machine (= 0.1.1)
-      jekyll-titles-from-headings (= 0.5.3)
-      jemoji (= 0.12.0)
-      kramdown (= 2.3.0)
-      kramdown-parser-gfm (= 1.1.0)
-      liquid (= 4.0.3)
+      jekyll-titles-from-headings (= 0.5.1)
+      jemoji (= 0.10.2)
+      kramdown (= 1.17.0)
+      liquid (= 4.0.0)
+      listen (= 3.1.5)
       mercenary (~> 0.3)
-      minima (= 2.5.1)
+      minima (= 2.5.0)
       nokogiri (>= 1.10.4, < 2.0)
-      rouge (= 3.23.0)
+      rouge (= 3.11.0)
       terminal-table (~> 1.4)
     github-pages-health-check (1.16.1)
       addressable (~> 2.3)
@@ -84,27 +81,27 @@ GEM
       octokit (~> 4.0)
       public_suffix (~> 3.0)
       typhoeus (~> 1.3)
-    html-pipeline (2.14.0)
+    html-pipeline (2.12.0)
       activesupport (>= 2)
       nokogiri (>= 1.4)
     http_parser.rb (0.6.0)
     i18n (0.9.5)
       concurrent-ruby (~> 1.0)
-    jekyll (3.9.0)
+    jekyll (3.8.5)
       addressable (~> 2.4)
       colorator (~> 1.0)
       em-websocket (~> 0.5)
       i18n (~> 0.7)
       jekyll-sass-converter (~> 1.0)
       jekyll-watch (~> 2.0)
-      kramdown (>= 1.17, < 3)
+      kramdown (~> 1.14)
       liquid (~> 4.0)
       mercenary (~> 0.3.3)
       pathutil (~> 0.9)
       rouge (>= 1.7, < 4)
       safe_yaml (~> 1.0)
-    jekyll-avatar (0.7.0)
-      jekyll (>= 3.0, < 5.0)
+    jekyll-avatar (0.6.0)
+      jekyll (~> 3.0)
     jekyll-coffeescript (1.1.1)
       coffee-script (~> 2.2)
       coffee-script-source (~> 1.11.1)
@@ -117,37 +114,36 @@ GEM
       rouge (>= 2.0, < 4.0)
     jekyll-default-layout (0.1.4)
       jekyll (~> 3.0)
-    jekyll-feed (0.15.1)
-      jekyll (>= 3.7, < 5.0)
+    jekyll-feed (0.11.0)
+      jekyll (~> 3.3)
     jekyll-gist (1.5.0)
       octokit (~> 4.2)
-    jekyll-github-metadata (2.13.0)
-      jekyll (>= 3.4, < 5.0)
+    jekyll-github-metadata (2.12.1)
+      jekyll (~> 3.4)
       octokit (~> 4.0, != 4.4.0)
-    jekyll-mentions (1.6.0)
+    jekyll-mentions (1.4.1)
       html-pipeline (~> 2.3)
-      jekyll (>= 3.7, < 5.0)
-    jekyll-optional-front-matter (0.3.2)
-      jekyll (>= 3.0, < 5.0)
+      jekyll (~> 3.0)
+    jekyll-optional-front-matter (0.3.0)
+      jekyll (~> 3.0)
     jekyll-paginate (1.1.0)
-    jekyll-readme-index (0.3.0)
-      jekyll (>= 3.0, < 5.0)
-    jekyll-redirect-from (0.16.0)
-      jekyll (>= 3.3, < 5.0)
-    jekyll-relative-links (0.6.1)
-      jekyll (>= 3.3, < 5.0)
-    jekyll-remote-theme (0.4.2)
+    jekyll-readme-index (0.2.0)
+      jekyll (~> 3.0)
+    jekyll-redirect-from (0.14.0)
+      jekyll (~> 3.3)
+    jekyll-relative-links (0.6.0)
+      jekyll (~> 3.3)
+    jekyll-remote-theme (0.4.0)
       addressable (~> 2.0)
-      jekyll (>= 3.5, < 5.0)
-      jekyll-sass-converter (>= 1.0, <= 3.0.0, != 2.0.0)
-      rubyzip (>= 1.3.0, < 3.0)
+      jekyll (~> 3.5)
+      rubyzip (>= 1.2.1, < 3.0)
     jekyll-sass-converter (1.5.2)
       sass (~> 3.4)
-    jekyll-seo-tag (2.6.1)
-      jekyll (>= 3.3, < 5.0)
-    jekyll-sitemap (1.4.0)
-      jekyll (>= 3.7, < 5.0)
-    jekyll-swiss (1.0.0)
+    jekyll-seo-tag (2.5.0)
+      jekyll (~> 3.3)
+    jekyll-sitemap (1.2.0)
+      jekyll (~> 3.3)
+    jekyll-swiss (0.4.0)
     jekyll-theme-architect (0.1.1)
       jekyll (~> 3.5)
       jekyll-seo-tag (~> 2.0)
@@ -157,8 +153,8 @@ GEM
     jekyll-theme-dinky (0.1.1)
       jekyll (~> 3.5)
       jekyll-seo-tag (~> 2.0)
-    jekyll-theme-hacker (0.1.2)
-      jekyll (> 3.5, < 5.0)
+    jekyll-theme-hacker (0.1.1)
+      jekyll (~> 3.5)
       jekyll-seo-tag (~> 2.0)
     jekyll-theme-leap-day (0.1.1)
       jekyll (~> 3.5)
@@ -175,8 +171,8 @@ GEM
     jekyll-theme-modernist (0.1.1)
       jekyll (~> 3.5)
       jekyll-seo-tag (~> 2.0)
-    jekyll-theme-primer (0.5.4)
-      jekyll (> 3.5, < 5.0)
+    jekyll-theme-primer (0.5.3)
+      jekyll (~> 3.5)
       jekyll-github-metadata (~> 2.9)
       jekyll-seo-tag (~> 2.0)
     jekyll-theme-slate (0.1.1)
@@ -188,49 +184,43 @@ GEM
     jekyll-theme-time-machine (0.1.1)
       jekyll (~> 3.5)
       jekyll-seo-tag (~> 2.0)
-    jekyll-titles-from-headings (0.5.3)
-      jekyll (>= 3.3, < 5.0)
+    jekyll-titles-from-headings (0.5.1)
+      jekyll (~> 3.3)
     jekyll-watch (2.2.1)
       listen (~> 3.0)
-    jemoji (0.12.0)
+    jemoji (0.10.2)
       gemoji (~> 3.0)
       html-pipeline (~> 2.2)
-      jekyll (>= 3.0, < 5.0)
-    kramdown (2.3.0)
-      rexml
-    kramdown-parser-gfm (1.1.0)
-      kramdown (~> 2.0)
-    liquid (4.0.3)
-    listen (3.4.0)
-      rb-fsevent (~> 0.10, >= 0.10.3)
-      rb-inotify (~> 0.9, >= 0.9.10)
+      jekyll (~> 3.0)
+    kramdown (1.17.0)
+    liquid (4.0.0)
+    listen (3.1.5)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
+      ruby_dep (~> 1.2)
     mercenary (0.3.6)
-    mini_portile2 (2.5.0)
-    minima (2.5.1)
-      jekyll (>= 3.5, < 5.0)
+    mini_portile2 (2.4.0)
+    minima (2.5.0)
+      jekyll (~> 3.5)
       jekyll-feed (~> 0.9)
       jekyll-seo-tag (~> 2.1)
-    minitest (5.14.3)
+    minitest (5.12.2)
     multipart-post (2.1.1)
-    nokogiri (1.11.1)
-      mini_portile2 (~> 2.5.0)
-      racc (~> 1.4)
-    octokit (4.20.0)
-      faraday (>= 0.9)
+    nokogiri (1.10.8)
+      mini_portile2 (~> 2.4.0)
+    octokit (4.14.0)
       sawyer (~> 0.8.0, >= 0.5.3)
     pathutil (0.16.2)
       forwardable-extended (~> 2.6)
     public_suffix (3.1.1)
-    racc (1.5.2)
-    rb-fsevent (0.10.4)
-    rb-inotify (0.10.1)
+    rb-fsevent (0.10.3)
+    rb-inotify (0.10.0)
       ffi (~> 1.0)
-    rexml (3.2.4)
-    rouge (3.23.0)
-    ruby-enum (0.8.0)
+    rouge (3.11.0)
+    ruby-enum (0.7.2)
       i18n
-    ruby2_keywords (0.0.2)
-    rubyzip (2.3.0)
+    ruby_dep (1.5.0)
+    rubyzip (2.0.0)
     safe_yaml (1.0.5)
     sass (3.7.4)
       sass-listen (~> 4.0.0)
@@ -240,20 +230,14 @@ GEM
     sawyer (0.8.2)
       addressable (>= 2.3.5)
       faraday (> 0.8, < 2.0)
-    simpleidn (0.1.1)
-      unf (~> 0.1.4)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
     thread_safe (0.3.6)
-    typhoeus (1.4.0)
+    typhoeus (1.3.1)
       ethon (>= 0.9.0)
-    tzinfo (1.2.9)
+    tzinfo (1.2.5)
       thread_safe (~> 0.1)
-    unf (0.1.4)
-      unf_ext
-    unf_ext (0.0.7.7)
-    unicode-display_width (1.7.0)
-    zeitwerk (2.4.2)
+    unicode-display_width (1.6.0)
 
 PLATFORMS
   ruby
@@ -263,4 +247,4 @@ DEPENDENCIES
   jekyll-sitemap
 
 BUNDLED WITH
-   2.2.5
+   1.17.2

docs/_config.yml

@@ -1,7 +1,6 @@
----
 title: kube-hunter
 description: Kube-hunter hunts for security weaknesses in Kubernetes clusters
-logo: https://raw.githubusercontent.com/aquasecurity/kube-hunter/main/kube-hunter.png
+logo: https://raw.githubusercontent.com/aquasecurity/kube-hunter/master/kube-hunter.png
 show_downloads: false
 google_analytics: UA-63272154-1
 theme: jekyll-theme-minimal
@@ -11,7 +10,7 @@ collections:
 defaults:
   -
     scope:
-      path: ""  # an empty string here means all files in the project
+      path: "" # an empty string here means all files in the project
     values:
       layout: "default"
 

docs/_kb/KHV003.md

@@ -12,10 +12,7 @@ Microsoft Azure provides an internal HTTP endpoint that exposes information from
 
 ## Remediation
 
-Starting in the 2020.10.15 Azure VHD Release, AKS restricts the pod CIDR access to that internal HTTP endpoint. 
-
-[CVE-2021-27075](https://github.com/Azure/AKS/issues/2168)
-
+Consider using AAD Pod Identity. A Microsoft project that allows scoping the identity of workloads to Kubernetes Pods instead of VMs (instances).
 
 ## References
 

job.yaml

@@ -1,4 +1,3 @@
----
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -7,9 +6,9 @@ spec:
   template:
     spec:
       containers:
-        - name: kube-hunter
-          image: aquasec/kube-hunter
-          command: ["kube-hunter"]
-          args: ["--pod"]
+      - name: kube-hunter
+        image: aquasec/kube-hunter 
+        command: ["kube-hunter"]
+        args: ["--pod"]
       restartPolicy: Never
   backoffLimit: 4