Tool
CLI
Container Security

KubeHound

by DataDog

944 stars
61 forks
12 watchers
Updated 3 months ago
About

KubeHound is a Kubernetes attack graph tool that automates the calculation of attack paths between assets within a cluster.

Tool for building Kubernetes attack paths

Primary Use Case

KubeHound is used by security professionals and Kubernetes administrators to identify and analyze potential attack paths in Kubernetes clusters, enabling proactive risk assessment and vulnerability management. It helps visualize how an attacker might move laterally within a cluster, facilitating better container security and automated security analysis.

Key Features
  • Automated calculation of Kubernetes attack paths
  • Supports querying attack graphs using Gremlin query language
  • Provides a Jupyter notebook UI for interactive graph exploration
  • Available as CLI tool and deployable as a service (KHaaS)
  • Supports advanced configuration via config files
  • Cross-platform binaries available for Linux, Windows, and MacOS
  • Integration with Docker and Docker Compose for deployment
  • Includes a domain-specific language (DSL) for simplified graph queries

Installation

  • Install Docker version 19.03 or higher
  • Install Docker Compose V2
  • From a release: download the prebuilt binary for your OS from the GitHub releases page
  • Make the binary executable with: chmod +x kubehound
  • (MacOS only) If the binary was downloaded via a browser, remove the quarantine attribute with: xattr -d com.apple.quarantine kubehound
  • Alternatively, install via Homebrew with: brew update && brew install kubehound
  • Alternatively, build from source. Clone the repository: git clone https://github.com/DataDog/KubeHound.git
  • Check out the latest tag: git checkout $(git describe --tags --abbrev=0)
  • Build from source using: make build
  • Locate the built binary at ./bin/build/kubehound

Usage

>_ kubehound

Run the KubeHound binary to analyze the current Kubernetes cluster context

>_ export KUBECONFIG=/your/path/to/.kube/config

Set a specific kubeconfig file to target a Kubernetes cluster

>_ ./kubehound

Run the binary from the current directory if installed from release

>_ ./bin/build/kubehound

Run the binary built from source located in the build folder

Security Frameworks
Initial Access
Lateral Movement
Discovery
Privilege Escalation
Impact
Usage Insights
  • Integrate KubeHound with Kubernetes CI/CD pipelines for continuous attack path analysis and early vulnerability detection.
  • Use the Gremlin query language and Jupyter notebook UI to create custom attack path visualizations for security awareness training and purple team exercises.
  • Combine KubeHound's attack graph outputs with threat intelligence feeds to prioritize remediation efforts based on active adversary tactics.
  • Deploy KubeHound as a service (KHaaS) in production clusters to enable real-time risk assessment and automated security workflows.
  • Leverage KubeHound's domain-specific language (DSL) to simplify complex graph queries, enabling faster incident response and root cause analysis.

Security Profile
Red Team: 80%
Blue Team: 70%
Purple Team: 75%
Details
License: Apache License 2.0
Language: Go
Open Issues: 40
Topics
adversary-emulation
attack-graph
attack-paths
cloud-native-security
exploit
kubernetes
kubernetes-security
mitre-attack
purple-team
red-team