Kube Hunter by Aqua Security hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments.
You should NOT run kube-hunter on a Kubernetes cluster that you don't own!
Run kube-hunter: kube-hunter is available as a container (aquasec/kube-hunter), and we also offer a web site at https://kube-hunter.aquasec.com where you can register online to receive a token allowing you to see and share the results online.
Explore vulnerabilities: The kube-hunter knowledge base includes articles about discoverable vulnerabilities and issues. When kube-hunter reports an issue, it will show its VID (Vulnerability ID) so you can look it up in the KB at https://aquasecurity.github.io/kube-hunter/
If you're interested in kube-hunter's integration with the Kubernetes ATT&CK Matrix Continue Reading
Contribute: We welcome contributions, especially new hunter modules that perform additional tests. If you would like to develop your modules please read Guidelines For Developing Your First kube-hunter Module.