Kubernetes-Goat – Is A "Vulnerable By Design" Kubernetes Cluster. Designed To Be An Intentionally Vulnerable Cluster Environment To Learn And Practice Kubernetes Security

  The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Refer to https://madhuakula.com/kubernetes-goat for the guide. Show us some Please feel free to send us a PR and show some   Upcoming Training’s and Sessions DEFCON DEMO Labs https://forum.defcon.org/node/237237 Cloud Village – DEFCON https://cloud-village.org/#talks?collapseMadhuAkula Recent KubernetesRead More

Kube-Applier – Enables Automated Deployment And Declarative Configuration For Your Kubernetes Cluster

kube-applier is a service that enables continuous deployment of Kubernetes objects by applying declarative configuration files from a Git repository to a Kubernetes cluster. kube-applier runs as a Pod in your cluster and watches the Git repo to ensure that the cluster objects are up-to-date with their associated spec files (JSON or YAML) in theRead More

Peirates – Kubernetes Penetration Testing Tool

What is Peirates? Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It automates known techniques to steal and collect service accounts, obtain further code execution, and gain control of the cluster. Where do I run Peirates? You run Peirates from a container running on Kubernetes. DoesRead More

Krane – Kubernetes RBAC Static Analysis And Visualisation Tool

Krane is a simple Kubernetes RBAC static analysis tool. It identifies potential security risks in K8s RBAC design and makes suggestions on how to mitigate them. Krane dashboard presents current RBAC security posture and lets you navigate through its definition. Features RBAC Risk rules – Krane evaluates a set of built-in RBAC risk rules. TheseRead More

Botkube – An App That Helps You Monitor Your Kubernetes Cluster, Debug Critical Deployments And Gives Recommendations For Standard Practices

For complete documentation visit www.botkube.io BotKube integration with Slack, Mattermost or Microsoft Teams helps you monitor your Kubernetes cluster, debug critical deployments and gives recommendations for standard practices by running checks on the Kubernetes resources. You can also ask BotKube to execute kubectl commands on k8s cluster which helps debugging an application or cluster. HacktoberfestRead More

KubiScan – A Tool To Scan Kubernetes Cluster For Risky Permissions

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes’s Role-based access control (RBAC) authorization model. The tool was published as part of the “Securing Kubernetes Clusters by Eliminating Risky Permissions” research https://www.cyberark.com/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions/. Overview KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpfulRead More

Kubestriker – A Blazing Fast Security Auditing Tool For Kubernetes

Kubestriker performs numerous in depth checks on kubernetes infra to identify the security misconfigurations and challenges that devops engineers/developers are likely to encounter when using Kubernetes, especially in production and at scale. kubestriker is Platform agnostic and works equally well across more than one platform such as self hosted kubernetes, Amazon EKS, Azure AKS, GoogleRead More

Kube-Score – Kubernetes Object Analysis With Recommendations For Improved Reliability And Security

kube-score is a tool that performs static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. You can test kube-score out in the browser with the online demo (source). Installation kube-score is easy to install, and isRead More

Kubei – A Flexible Kubernetes Runtime Scanner

Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters. Kubei scans all images that are being used in a Kubernetes cluster, including images of application pods and system pods. It doesn’t scan the entire image registries and doesn’t require preliminary integration with CI/CDRead More

Kubebox – Terminal And Web Console For Kubernetes

Terminal and Web console for Kubernetes Features Configuration from kubeconfig files (KUBECONFIG environment variable or $HOME/.kube) Switch contexts interactively Authentication support (bearer token, basic auth, private key / cert, OAuth, OpenID Connect, Amazon EKS, Google Kubernetes Engine, Digital Ocean) Namespace selection and pods list watching Container log scrolling / watching Container resources usage (memory, CPU,Read More