I'm trying to understand if there is a difference between running kube-hunter using the cli option and running in a pod. If yes, what is the preferred/best way to scan clusters (using cli or running as a pod)?
Minimal example (if applicable)
I observed that he reports generated when scanning using the cli option and when running kube-hunter in a pod within the cluster are different. From these results, I could not fully understand whether i missed to add flags while running the scan within the cluster or these two methods of scanning are not the same.
While using the cli option I got the report that I have one vulnerability in my cluster, whereas running the same scan in the pod did not show the vulnerability.
What are you trying to achieve
I'm trying to understand if there is a difference between running kube-hunter using the cli option and running in a pod. If yes, what is the preferred/best way to scan clusters (using cli or running as a pod)?
Minimal example (if applicable)
I observed that he reports generated when scanning using the cli option and when running kube-hunter in a pod within the cluster are different. From these results, I could not fully understand whether i missed to add flags while running the scan within the cluster or these two methods of scanning are not the same.
While using the cli option I got the report that I have one vulnerability in my cluster, whereas running the same scan in the pod did not show the vulnerability.
I applied the job.yaml file to run in the pod.