KubiScan

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

Features

Identify risky Roles\ClusterRoles
Identify risky RoleBindings\ClusterRoleBindings
Identify risky Subjects (Users, Groups and ServiceAccounts)
Get associated RoleBindings\ClusterRoleBindings to Role, ClusterRole or Subject (user, group or service account)
List rules of RoleBinding or ClusterRoleBinding
Show Pods that have access to secret data through a volume or environment variables
Get bootstrap tokens for the cluster

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow KubiScan

KubiScan Web Site

Other Useful Business Software

Our Free Plans just got better! | Auth0

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.

Try free now

Rate This Project

User Reviews

Be the first to post a review of KubiScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Clustering Software, Python RBAC Tool

Registered

2024-03-25

Similar Business Software

Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
Frontegg

Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg,...

See Software
Wave Browser

Wave Browser is an efficient, eco-conscious browser that creates a cleaner, more organized, and more meaningful online experience while helping remove ocean plastic through its partnership with 4ocean. Built on the trusted Chromium foundation, Wave Browser brings essential tools directly into...

See Software
Passwork

Passwork is an on-premise corporate password manager built for security-conscious organizations. Developed and headquartered in Europe (Barcelona, Spain), Passwork meets GDPR, NIS2, ENS and other European regulatory requirements by design. All passwords and credentials are stored exclusively...

See Software
ThreatLocker

ThreatLocker is a Zero Trust Platform that prevents cyber threats by blocking unknown applications, enforcing least privilege, and controlling what can run across your environment. Using Allowlisting, Ringfencing, Network Control, and more, ThreatLocker stops ransomware, zero-day attacks, and...

See Software
Safetica

Safetica’s Intelligent Data Security protects sensitive data where teams work, using powerful AI to deliver contextual awareness, reduce false positives, and stop real threats without disrupting productivity. With Safetica, security teams can maintain visibility and control over sensitive data,...

See Software