aquasecurity / kube-hunter

Hunt for security weaknesses in Kubernetes clusters
Apache License 2.0

Difference between scanning cluster using CLI and running it as a pod within the cluster #541

Open wxnks opened 10 months ago

wxnks commented 10 months ago

What are you trying to achieve

I'm trying to understand if there is a difference between running kube-hunter using the cli option and running in a pod. If yes, what is the preferred/best way to scan clusters (using cli or running as a pod)?

Minimal example (if applicable)

I observed that the reports generated when scanning using the cli option and when running kube-hunter in a pod within the cluster are different. From these results, I could not fully understand whether I missed adding flags while running the scan within the cluster or these two methods of scanning are not the same.

While using the cli option I got the report that I have one vulnerability in my cluster, whereas running the same scan in the pod did not show the vulnerability.

I applied the job.yaml file to run in the pod.