KubiScan

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

Features

Identify risky Roles\ClusterRoles
Identify risky RoleBindings\ClusterRoleBindings
Identify risky Subjects (Users, Groups and ServiceAccounts)
Get associated RoleBindings\ClusterRoleBindings to Role, ClusterRole or Subject (user, group or service account)
List rules of RoleBinding or ClusterRoleBinding
Show Pods that have access to secret data through a volume or environment variables
Get bootstrap tokens for the cluster

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow KubiScan

KubiScan Web Site

Other Useful Business Software

Try Google Cloud Risk-Free With $300 in Credit

No hidden charges. No surprise bills. Cancel anytime.

Use your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.

Start Free

Rate This Project

User Reviews

Be the first to post a review of KubiScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Python

Related Categories

Python Clustering Software, Python RBAC Tool

Registered

2024-03-25

Similar Business Software

Auth0

Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity...

See Software
Frontegg

Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg,...

See Software
Wave Browser

Wave Browser is an efficient, eco-conscious browser that creates a cleaner, more organized, and more meaningful online experience while helping remove ocean plastic through its partnership with 4ocean. Built on the trusted Chromium foundation, Wave Browser brings essential tools directly into...

See Software
SureSync

SureSync Pro is a file replication and synchronization application that provides one-way and multi-way processing in both scheduled and real-time modes. The Communications Agent provides real-time monitors, delta copies via Remote Differential Compression, TCP communications, compression, and...

See Software
Safetica

Safetica’s Intelligent Data Security protects sensitive data where teams work, using powerful AI to deliver contextual awareness, reduce false positives, and stop real threats without disrupting productivity. With Safetica, security teams can maintain visibility and control over sensitive data,...

See Software
Kasm Workspaces

Kasm Workspaces streams your workplace environment directly to your web browser…on any device and from any location. Kasm uses our high-performance streaming and secure isolation technology to provide web-native Desktop as a Service (DaaS), application streaming, and secure/private web...

See Software