
chen-keinan / kube-knark

Licence: Apache-2.0 license
Open-source runtime tool that helps detect malware code execution and runtime misconfiguration changes on a Kubernetes cluster

Programming Languages

go
c
shell

Projects that are alternatives of or similar to kube-knark

Sourceleakhacker
🐛 A multi threads web application source leak scanner
Stars: ✭ 226 (+606.25%)
Mutual labels:  scanner
bpfbox
🐝 BPFBox 📦 Exploring process confinement in eBPF
Stars: ✭ 93 (+190.63%)
Mutual labels:  ebpf
Recon-X
Advanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-15.62%)
Mutual labels:  scanner
Open Paperless
Scan, index, and archive all of your paper documents (acquired by Mayan EDMS)
Stars: ✭ 2,538 (+7831.25%)
Mutual labels:  scanner
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+10646.88%)
Mutual labels:  scanner
PIP-Module-Scanner
Scans your Python project for all installed third party pip libraries that are used and generates a requirements.txt file based on it
Stars: ✭ 19 (-40.62%)
Mutual labels:  scanner
Phonia
Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: ✭ 221 (+590.63%)
Mutual labels:  scanner
Judge-Jury-and-Executable
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+106.25%)
Mutual labels:  scanner
Retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities
Stars: ✭ 2,909 (+8990.63%)
Mutual labels:  scanner
extrude
🕵️ Analyse binaries for missing security features, information disclosure and more...
Stars: ✭ 51 (+59.38%)
Mutual labels:  scanner
Qrcode
QR code scanner (decoder) written in Go; QR code scanning and recognition
Stars: ✭ 233 (+628.13%)
Mutual labels:  scanner
Esp32marauder
A suite of WiFi/Bluetooth offensive and defensive tools for the ESP32
Stars: ✭ 233 (+628.13%)
Mutual labels:  scanner
ZZYQRCode
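A scanner for QR codes and barcodes. The easiest-to-use iOS framework for scanning and generating QR codes and barcodes; supports the flashlight, picking images from the photo album, scan sound effects and more; closely modelled on WeChat and Weibo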
Stars: ✭ 124 (+287.5%)
Mutual labels:  scanner
Aggressor
Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp
Stars: ✭ 228 (+612.5%)
Mutual labels:  scanner
aemscan
Adobe Experience Manager Vulnerability Scanner
Stars: ✭ 161 (+403.13%)
Mutual labels:  scanner
Sec Admin
Core management system for distributed asset security scanning (weak-password scanning, vulnerability scanning)
Stars: ✭ 222 (+593.75%)
Mutual labels:  scanner
perf-monitor
Kernel profiler based on perf_event and ebpf
Stars: ✭ 28 (-12.5%)
Mutual labels:  ebpf
sx
🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+3859.38%)
Mutual labels:  scanner
ebpf
Elastic's eBPF
Stars: ✭ 45 (+40.63%)
Mutual labels:  ebpf
rbbcc
BCC port for MRI - this is unofficial bonsai project.
Stars: ✭ 45 (+40.63%)
Mutual labels:  ebpf


Kube-Knark Project

Trace your kubernetes runtime !!

Kube-Knark is an open-source tracer that uses pcap and eBPF technology to perform runtime tracing on a deployed Kubernetes cluster. It traces Kubernetes API execution and permission changes to master node configuration files. Matching trace events are delivered via Go plugin webhooks.

kube-knark traces the following:

kube-knark tracing data is reported to:

  • Console dashboard
  • Go Plugin hooks

kube-knark console: [screenshot of the console dashboard]

Requirements

  • Go 1.13+
  • Linux Kernel 4.15+
  • Clang 10+
  • LLVM
  • Kernel Headers
  • Pcap

Installation

git clone https://github.com/chen-keinan/kube-knark
cd kube-knark
make build

Quick Start

Execute kube-knark without plugins

 ./kube-knark 

User Plugin Usage (via go plugins)

Kube-knark exposes 2 hooks for user plugins (Example):

  • OnK8sAPICallHook - this hook accepts a k8s API call event with all details (HTTP request/response, matching API spec)
  • OnK8sFileConfigChangeHook - this hook accepts a master file configuration change event with command details (chown or chmod, args and matching file change spec)
Compile user plugin
go build -buildmode=plugin -o ~/<plugin folder>/<plugin>.so ~/<plugin folder>/<plugin>.go
Copy plugin to folder (.kube-knark folder is created on the 1st startup)
cp ~/<plugin folder>/<plugin>.so ~/.kube-knark/plugins/compile/<plugin>.so
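
The kind of check a plugin could run on the chmod/chown details that OnK8sFileConfigChangeHook receives, as an added example that is not kube-knark's own code. The FileChangeEvent type, the Evaluate function and the maxMode sample spec are assumptions made for illustration; the real hook signature and spec format are not shown on this page.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// FileChangeEvent is a hypothetical event type (kube-knark's real one is not on this page).
type FileChangeEvent struct {
	Command string   // "chmod" or "chown"
	Args    []string // traced arguments, e.g. ["-R", "644", "<file>"]
}

// maxMode is a constructed sample spec: most permissive mode allowed per file.
var maxMode = map[string]uint64{
	"/etc/kubernetes/manifests/kube-apiserver.yaml": 0o644,
	"/etc/kubernetes/admin.conf":                    0o600,
}

// Evaluate returns a finding when the change violates the sample spec, else "".
func Evaluate(ev FileChangeEvent) string {
	var operands []string
	for _, a := range ev.Args {
		if !strings.HasPrefix(a, "-") { // drop options such as -R (a "-w" style mode is dropped too)
			operands = append(operands, a)
		}
	}
	if len(operands) < 2 {
		return ""
	}
	for _, f := range operands[1:] {
		limit, watched := maxMode[f]
		mode, err := strconv.ParseUint(operands[0], 8, 32)
		switch {
		case !watched: // file is not covered by the sample spec
		case ev.Command == "chown" && operands[0] != "root:root":
			return fmt.Sprintf("%s: owner changed to %s", f, operands[0])
		case ev.Command == "chmod" && err != nil:
			return fmt.Sprintf("%s: symbolic mode %q needs review", f, operands[0])
		case ev.Command == "chmod" && mode&^limit != 0: // bits outside the allowed set
			return fmt.Sprintf("%s: mode %04o exceeds %04o", f, mode, limit)
		}
	}
	return ""
}
func main() {
	fmt.Println(Evaluate(FileChangeEvent{"chmod", []string{"777", "/etc/kubernetes/admin.conf"}}))
}
```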

Supported Specs

Kube-knark supports 2 specs:

Both specs can be easily extended by amending the spec files under the ~/.kube-knark/spec folder.

Contribution

  • Code contributions are welcome! Contributions with tests and a passing linter are more than welcome :)
  • The /.dev folder includes a Vagrantfile to be used for development: Dev Instruction