├── .gitignore ├── CHANGELOG.md ├── CONTRIBUTING.md ├── CVE.json ├── DockerHubDockerfile ├── DockerHubDockerfileAlpine ├── Dockerfile ├── DockerfileAlpine ├── KubiScan.py ├── LICENSE ├── NOTICES.txt ├── README.md ├── __init__.py ├── api ├── __init__.py ├── api_client.py ├── api_client_temp.py ├── base_client_api.py ├── client_factory.py ├── config.py └── static_api_client.py ├── docker_run.sh ├── engine ├── __init__.py ├── capabilities │ └── capabilities.py ├── container.py ├── join_token.sh ├── jwt_token.py ├── pod.py ├── priority.py ├── privleged_containers.py ├── role.py ├── role_binding.py ├── rule.py ├── subject.py └── utils.py ├── examples └── examples.txt ├── misc ├── __init__.py ├── colours.py └── constants.py ├── requirements.txt ├── risky_roles.yaml ├── static_risky_roles.py ├── static_scan.py ├── static_unit_test └── static_scan_test.py ├── unit_test.py └── unit_test ├── kubectl_apply.sh ├── kubiscan-sa ├── kubiscan-sa2 └── readme /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/.gitignore -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /CVE.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/CVE.json -------------------------------------------------------------------------------- /DockerHubDockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/DockerHubDockerfile -------------------------------------------------------------------------------- /DockerHubDockerfileAlpine: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/DockerHubDockerfileAlpine -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/Dockerfile -------------------------------------------------------------------------------- /DockerfileAlpine: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/DockerfileAlpine -------------------------------------------------------------------------------- /KubiScan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/KubiScan.py -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/LICENSE -------------------------------------------------------------------------------- /NOTICES.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/NOTICES.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/README.md -------------------------------------------------------------------------------- /__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /api/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /api/api_client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/api/api_client.py -------------------------------------------------------------------------------- /api/api_client_temp.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/api/api_client_temp.py -------------------------------------------------------------------------------- /api/base_client_api.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/api/base_client_api.py -------------------------------------------------------------------------------- /api/client_factory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/api/client_factory.py -------------------------------------------------------------------------------- /api/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/api/config.py -------------------------------------------------------------------------------- /api/static_api_client.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/api/static_api_client.py -------------------------------------------------------------------------------- /docker_run.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/docker_run.sh -------------------------------------------------------------------------------- /engine/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /engine/capabilities/capabilities.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/capabilities/capabilities.py -------------------------------------------------------------------------------- /engine/container.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/container.py -------------------------------------------------------------------------------- /engine/join_token.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/join_token.sh -------------------------------------------------------------------------------- /engine/jwt_token.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/jwt_token.py -------------------------------------------------------------------------------- /engine/pod.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/pod.py -------------------------------------------------------------------------------- /engine/priority.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/priority.py -------------------------------------------------------------------------------- /engine/privleged_containers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/privleged_containers.py -------------------------------------------------------------------------------- /engine/role.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/role.py -------------------------------------------------------------------------------- /engine/role_binding.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/role_binding.py -------------------------------------------------------------------------------- /engine/rule.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/rule.py -------------------------------------------------------------------------------- /engine/subject.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/subject.py -------------------------------------------------------------------------------- /engine/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/engine/utils.py -------------------------------------------------------------------------------- /examples/examples.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/examples/examples.txt -------------------------------------------------------------------------------- /misc/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /misc/colours.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/misc/colours.py -------------------------------------------------------------------------------- /misc/constants.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/misc/constants.py -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | kubernetes==11.0.0 2 | PTable==0.9.2 3 | -------------------------------------------------------------------------------- /risky_roles.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/risky_roles.yaml -------------------------------------------------------------------------------- /static_risky_roles.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/static_risky_roles.py -------------------------------------------------------------------------------- /static_scan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/static_scan.py -------------------------------------------------------------------------------- /static_unit_test/static_scan_test.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/static_unit_test/static_scan_test.py -------------------------------------------------------------------------------- /unit_test.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/unit_test.py -------------------------------------------------------------------------------- /unit_test/kubectl_apply.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/unit_test/kubectl_apply.sh -------------------------------------------------------------------------------- /unit_test/kubiscan-sa: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/unit_test/kubiscan-sa -------------------------------------------------------------------------------- /unit_test/kubiscan-sa2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/unit_test/kubiscan-sa2 -------------------------------------------------------------------------------- /unit_test/readme: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cyberark/KubiScan/HEAD/unit_test/readme --------------------------------------------------------------------------------