A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

Features

  • Identify risky Roles\ClusterRoles
  • Identify risky RoleBindings\ClusterRoleBindings
  • Identify risky Subjects (Users, Groups and ServiceAccounts)
  • Get associated RoleBindings\ClusterRoleBindings to Role, ClusterRole or Subject (user, group or service account)
  • List rules of RoleBinding or ClusterRoleBinding
  • Show Pods that have access to secret data through a volume or environment variables
  • Get bootstrap tokens for the cluster

Project Samples

KubiScan Screenshot 1

Project Activity

See All Activity >

Categories

Clustering, RBAC

License

GNU General Public License version 3.0 (GPLv3)

Follow KubiScan

KubiScan Web Site

Other Useful Business Software
Earn up to 16% annual interest with Nexo. Icon
Earn up to 16% annual interest with Nexo.

Let your crypto work for you

Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
Get started with Nexo.
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of KubiScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Clustering Software, Python RBAC Tool

Registered

2024-03-25
Report inappropriate content