kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility of security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster you don't own!
Run kube-hunter: kube-hunter is available as a container (aquasec/kube-hunter). We also offer a website at kube-hunter.aquasec.com where you can register online to receive a token allowing you to see and share the results online. You can also run the Python code yourself, as described below.
Explore vulnerabilities: The kube-hunter knowledge base includes articles about discoverable vulnerabilities and issues. When kube-hunter reports an issue, it will show its VID (Vulnerability ID), so you can look it up in the KB at https://aquasecurity.github.io/kube-hunter/
If you're interested in kube-hunter's integration with the Kubernetes ATT&CK Matrix, Continue Reading
Source code and additional information can be found here: https://github.com/aquasecurity/kube-hunter/