Closed danielsagi closed 2 years ago
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.
Merging #489 (947e710) into main (c17aa17) will increase coverage by
0.02%
. The diff coverage is63.63%
.
@@ Coverage Diff @@
## main #489 +/- ##
==========================================
+ Coverage 64.49% 64.51% +0.02%
==========================================
Files 46 46
Lines 2512 2531 +19
==========================================
+ Hits 1620 1633 +13
- Misses 892 898 +6
Impacted Files | Coverage Δ | |
---|---|---|
kube_hunter/modules/report/dispatchers.py | 46.66% <ø> (ø) |
|
kube_hunter/core/events/handler.py | 86.58% <42.85%> (-2.89%) |
:arrow_down: |
kube_hunter/conf/__init__.py | 96.96% <100.00%> (+0.54%) |
:arrow_up: |
kube_hunter/conf/parser.py | 81.25% <100.00%> (+1.25%) |
:arrow_up: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update c17aa17...947e710. Read the comment docs.
Description
This feature enables advanced users to explicitly specify which hunters they want kube-hunter to register. Now
Added:
--custom
flag that receives a list of hunter class names to whitelist the registration process--raw-hunter-names
to use in conjunction with--list
in order to view Hunter class names, to use with the custom featureInternal changes:
core_hunters
which will always register.handles.py
and is now running at the start of every register operation, to check whether custom hunt is enabled, and if so checks the whitelisted hunters. this is done by the new method:allowed_for_custom_registration(target_hunter)
in the event queue objectThe future
Due to the complexity of kube-hunter's event handling. it is hard to create a custom hunt by a given wanted end result (Some vulnerability to check)
I want us to add a mapping for every hunter of what vulnerabilities it might produce, by that we can then generate a decision tree by which we can automatically register all of the hunters responsible to output such end vulnerability. This will result in an easy advanced custom hunting, which would allow users to only use partial logic in kube-hunter, without having to know class names.
BEFORE
AFTER
Contribution checklist
Notes
Please mention if you have not checked any of the above boxes.