KubiScan

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

Features

Identify risky Roles\ClusterRoles
Identify risky RoleBindings\ClusterRoleBindings
Identify risky Subjects (Users, Groups and ServiceAccounts)
Get associated RoleBindings\ClusterRoleBindings to Role, ClusterRole or Subject (user, group or service account)
List rules of RoleBinding or ClusterRoleBinding
Show Pods that have access to secret data through a volume or environment variables
Get bootstrap tokens for the cluster

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow KubiScan

KubiScan Web Site

User Reviews

Be the first to post a review of KubiScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Clustering Software, Python RBAC Tool

Registered

2024-03-25

Similar Business Software

groundcover

Cloud-based observability solution that helps businesses track and manage workload and performance on a unified dashboard. Monitor everything you run in your cloud without compromising on cost, granularity, or scale. groundcover is a full stack cloud-native APM platform designed to make...

See Software
Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
JS7 JobScheduler

JS7 JobScheduler is an Open Source workload automation system designed for performance, resilience and security. It provides unlimited performance for parallel execution of jobs and workflows. JS7 offers cross-platform job execution, managed file transfer, complex no-code job dependencies and a...

See Software
Frontegg

Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg,...

See Software
Proton VPN

Protect your business against damaging data breaches and easily comply with security frameworks like ISO 27001, GDPR, and HIPAA. Our software-only virtual private network easily integrates with your existing infrastructure to provide a flexible and scalable way to protect your...

See Software
CMW Platform

Low-code BPMS, helps mid-size and large companies automate, and improve business processes while staying aligned with enterprise architecture and IT policies. Business and IT teams can quickly build and adapt workflows without deep coding skills. BPM suite supports common use cases like CapEx...

See Software