I am installing the kube-hunter in gke cluster in GCP cloud.
I am using this image aquasec/kube-hunter which is present in the DockerHub
But when im applying it the kube-hunter is not working.. Its because of the IP ranges which im not able to pass through command in k8s job.yaml file.
if i run this docker file locally and passing--remote HOSTIP this will work.
kubectl logs -f pod/kube-hunter-h65g8 -n kube-hunter
2021-10-10 12:40:00,090 INFO kube_hunter.modules.report.collector Started hunting
2021-10-10 12:40:00,090 INFO kube_hunter.modules.report.collector Discovering Open Kubernetes Services
2021-10-10 12:40:00,103 INFO kube_hunter.modules.report.collector Found vulnerability "Read access to pod's service account token" in Local to Pod (kube-hunter-h65g8)
2021-10-10 12:40:00,105 INFO kube_hunter.modules.report.collector Found vulnerability "Access to pod's secrets" in Local to Pod (kube-hunter-h65g8)
2021-10-10 12:40:00,106 INFO kube_hunter.modules.report.collector Found vulnerability "CAP_NET_RAW Enabled" in Local to Pod (kube-hunter-h65g8)
Vulnerabilities
For further information about a vulnerability, search its ID in:
https://avd.aquasec.com/
I am installing the kube-hunter in gke cluster in GCP cloud.
I am using this image
aquasec/kube-hunter
which is present in the DockerHubBut when im applying it the kube-hunter is not working.. Its because of the IP ranges which im not able to pass through command in k8s job.yaml file.
if i run this docker file locally and passing
--remote HOSTIP
this will work.