jcarabantes/k8s-audit-utils

Dockerfile with some k8s audit tools

Introduction

This is a simple Dockerfile I've created to consolidate various tools for Kubernetes and OpenShift audits and pentests.

Key Tools Included

• Kubeaudit
• Kubescape
• Popeye
• Trivy
• Peirates

Other common tools such as nuclei, nmap, nikto, or tcpdump are also included.

Usage:

From docker hub:

# Pull
docker pull jcarabantes/intense-security-audit-utils:1.1.3
# Mount your K8s config file and interact
docker run -v $(pwd)/config:/home/pentester/.kube/config --rm -it jcarabantes/intense-security-audit-utils:1.1.3 bash

From this repo

docker build -t intense-security/k8s-audit-utils:latest .
docker run -v $(pwd)/config:/home/pentester/.kube/config --rm -it intense-security/k8s-audit-utils:latest bash

References

• OWASP Kubernetes Top 10 Overview
• Kubernetes Security - HackTricks