kube-hunter
by aquasecurity
kube-hunter is a tool designed to discover and report security weaknesses in Kubernetes clusters from an attacker’s perspective.
Hunt for security weaknesses in Kubernetes clusters
Primary Use Case
kube-hunter is primarily used by security professionals and Kubernetes administrators to identify vulnerabilities and misconfigurations in their Kubernetes environments. It helps increase awareness and visibility of security issues by simulating attacker techniques, enabling proactive remediation before exploitation. It is suitable for scanning clusters you own or manage to improve their security posture.
- Performs active and remote scanning of Kubernetes clusters
- Supports running as a container, on a local machine, or inside a Kubernetes pod
- Maps discovered vulnerabilities to the Kubernetes ATT&CK Matrix
- Provides a knowledge base with detailed vulnerability articles referenced by Vulnerability IDs (VIDs)
- Offers multiple scanning modes including probing local network interfaces and remote IP/domain scanning
- Includes integration with a web service for online result sharing via tokens
- Supports custom hunting and Azure quick scanning options
Installation
- Install Python and pip (prerequisite)
- Install kube-hunter via pip: pip install kube-hunter
- Alternatively, clone the repository and run from source
- Run kube-hunter as a container using the image aquasec/kube-hunter
- Deploy kube-hunter as a pod inside the Kubernetes cluster if needed
Usage
>_ kube-hunter --remote <IP or domain>Run kube-hunter remotely against a Kubernetes cluster to simulate an external attacker’s perspective.
>_ kube-hunter --localRun kube-hunter on a machine inside the cluster to scan local network interfaces.
>_ kube-hunter --podRun kube-hunter inside a Kubernetes pod to assess exposure from a compromised pod.
>_ docker run aquasec/kube-hunter --remote <IP or domain>Run kube-hunter containerized for remote scanning.
- Integrate kube-hunter scans into CI/CD pipelines for continuous Kubernetes security posture assessment.
- Use kube-hunter findings to enrich purple team exercises by simulating attacker reconnaissance and exploitation paths.
- Combine kube-hunter with automated remediation tools to accelerate fixing discovered misconfigurations.
- Leverage kube-hunter’s Kubernetes ATT&CK matrix mapping to prioritize vulnerabilities based on attacker techniques.
- Although no longer actively maintained, kube-hunter’s knowledge base is valuable for training Kubernetes administrators on common attack vectors.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about kube-hunter. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
portainer
portainer/portainer
Making Docker and Kubernetes management easy.
slim
slimtoolkit/slim
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
kubescape
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
kube-bench
aquasecurity/kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
kubernetes-learning-path
techiescamp/kubernetes-learning-path
A roadmap to learn Kubernetes from scratch (Beginner to Advanced level)
kata-containers
kata-containers/kata-containers
Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/