OpenSecAtlas
OPENSECATLAS
10/12 free views
Tool
CLI
Container Security

kubectl-debug

by aylei

2.3Kstars
304forks
55watchers
Updated 10 months ago
About

kubectl-debug enables seamless debugging of running Kubernetes pods by injecting a new container sharing namespaces with the target pod without modifying the original container image.

This repository is no longer maintained, please checkout https://github.com/JamesTGrant/kubectl-debug.

Primary Use Case

This tool is primarily used by Kubernetes administrators and developers to troubleshoot and debug live pods in a cluster without needing to pre-install debugging tools inside the production containers. It facilitates incident response and security automation by allowing quick access to pod internals using a separate debug container.

Key Features
  • Runs a new container inside running pods for debugging purposes
  • Shares pid, network, user, and ipc namespaces with the target container
  • Supports agentless mode by creating debug agent pods on demand
  • Optional installation of a debug agent DaemonSet for faster startup
  • Compatible with kubectl 1.12.0 or higher
  • Supports multiple OS binaries including Linux, macOS, and Windows
  • No need to pre-install debugging tools inside production containers

Installation

  • Install via Homebrew: brew install aylei/tap/kubectl-debug
  • Download binary for Linux x86_64: curl -Lo kubectl-debug.tar.gz https://github.com/aylei/kubectl-debug/releases/download/v0.1.1/kubectl-debug_0.1.1_linux_amd64.tar.gz
  • Download binary for macOS: curl -Lo kubectl-debug.tar.gz https://github.com/aylei/kubectl-debug/releases/download/v0.1.1/kubectl-debug_0.1.1_darwin_amd64.tar.gz
  • Extract the binary: tar -zxvf kubectl-debug.tar.gz kubectl-debug
  • Move binary to system path: sudo mv kubectl-debug /usr/local/bin/
  • For Windows, download the latest release archive, decompress and add kubectl-debug to PATH
  • Optionally install debug agent DaemonSet for faster debug sessions: kubectl apply -f https://raw.githubusercontent.com/aylei/kubectl-debug/master/scripts/agent_daemonset.yml
  • For Kubernetes versions <1.16, modify apiVersion in agent_daemonset.yml before applying
  • Alternatively, install via Helm: helm install kubectl-debug -n=debug-agent ./contrib/helm/kubectl-debug

Usage

>_ kubectl debug -h

Displays help information and usage instructions for kubectl-debug

>_ kubectl debug --agentless=false POD_NAME

Starts a debug session using the pre-installed debug agent DaemonSet for faster startup

Security Frameworks
Discovery
Execution
Defense Evasion
Collection
Response
Usage Insights
  • Integrate kubectl-debug into automated incident response playbooks to enable rapid live debugging of compromised containers without service disruption.
  • Use in purple team exercises to simulate attacker lateral movement and container compromise scenarios, improving detection and response capabilities.
  • Leverage agentless mode to minimize footprint and reduce risk of persistent artifacts in production environments during forensic investigations.
  • Combine with container security monitoring tools to provide contextual live debugging data for alerts triggered by anomalous container behavior.
  • Adopt as a DevSecOps tool to empower developers and security teams to collaboratively troubleshoot and remediate container security incidents in real-time.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about kubectl-debug. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

3 free chats per tool • Instant responses • No credit card

Security Profile
Red Team60%
Blue Team70%
Purple Team80%
Details
LicenseApache License 2.0
LanguageGo
Open Issues108
Topics
kubectl
kubectl-plugins
troubleshooting
kubernetes
debug

Related Tools

portainer icon

portainer

portainer/portainer

Tool

Making Docker and Kubernetes management easy.

33.2K
10 months ago
slim icon

slim

slimtoolkit/slim

Tool

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

22.7K
3 months ago
kubescape icon

kubescape

kubescape/kubescape

Tool

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

11.1K
3 months ago
kube-bench icon

kube-bench

aquasecurity/kube-bench

Tool

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

7.9K
about 1 month ago
kubernetes-learning-path icon

kubernetes-learning-path

techiescamp/kubernetes-learning-path

Educational Resource

A roadmap to learn Kubernetes from scratch (Beginner to Advanced level)

7.4K
about 1 month ago
kata-containers icon

kata-containers

kata-containers/kata-containers

Framework

Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/

7.3K
3 months ago