KubiScan

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

Features

Identify risky Roles\ClusterRoles
Identify risky RoleBindings\ClusterRoleBindings
Identify risky Subjects (Users, Groups and ServiceAccounts)
Get associated RoleBindings\ClusterRoleBindings to Role, ClusterRole or Subject (user, group or service account)
List rules of RoleBinding or ClusterRoleBinding
Show Pods that have access to secret data through a volume or environment variables
Get bootstrap tokens for the cluster

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow KubiScan

KubiScan Web Site

Other Useful Business Software

Stop Storing Third-Party Tokens in Your Database

Auth0 Token Vault handles secure token storage, exchange, and refresh for external providers so you don't have to build it yourself.

Rolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.

Try Auth0 for Free

Rate This Project

User Reviews

Be the first to post a review of KubiScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Clustering Software, Python RBAC Tool

Registered

2024-03-25

Similar Business Software

Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
Frontegg

Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg,...

See Software
Wave Browser

Wave Browser is an efficient, eco-conscious browser that creates a cleaner, more organized, and more meaningful online experience while helping remove ocean plastic through its partnership with 4ocean. Built on the trusted Chromium foundation, Wave Browser brings essential tools directly into...

See Software
Passwork

Passwork is an on-premise corporate password manager built for security-conscious organizations. Developed and headquartered in Europe (Barcelona, Spain), Passwork meets GDPR, NIS2, ENS and other European regulatory requirements by design. All passwords and credentials are stored exclusively...

See Software
Shift

Shift is a fully customizable browser where you can drag and drop apps, bars, and controls to create a central hub that adapts to however you work. Integrate 1,500+ apps, swap instantly between Spaces for work, side hustles or personal browsing, and stay logged into multiple accounts at once....

See Software
ThreatLocker

ThreatLocker is a Zero Trust Platform that prevents cyber threats by blocking unknown applications, enforcing least privilege, and controlling what can run across your environment. Using Allowlisting, Ringfencing, Network Control, and more, ThreatLocker stops ransomware, zero-day attacks, and...

See Software