Security Tools

🔒 Security Tools — 48 Tools

🔒 Security Tools
Kubevious CLIPrevent cross-manifest errors and violations of best practicees in YAML files, Helm Charts and Kubernetes clusters
TerraScanDetect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
klumKubernetes Lazy User Manager
kube2iamIAM credentials to containers running inside a kubernetes cluster based on annotations.
KyvernoKubernetes Native Policy Management https://kyverno.io
kioskkiosk office Multi-Tenancy Extension For Kubernetes – Secure Cluster Sharing & Self-Service Namespace Provisioning
kube-benchCIS Kubernetes Benchmark tool
kube-hunterPentesting tool – Hunts for security weaknesses in Kubernetes clusters
kube-who-canShow who has RBAC permissions to perform actions on different resources in Kubernetes
starboardKubernetes-native security toolkit
SimulatorKubernetes Security Training Platform – Focussing on security mitigation
RBAC LookupEasily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster https://fairwinds.com
Kubeauditkubeaudit helps you audit your Kubernetes clusters against common security controls
GangwayAn application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster
Audit2rbacAutogenerate RBAC policies based on Kubernetes audit logs
ChartsecHelm Chart security scanner
kubestrikerSecurity Auditing tool
DatreeCLI tool to prevent K8s misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies
KraneKubernetes RBAC static Analysis & visualisation tool
FalcoThe Falco Project – Cloud-Native runtime security
ClairVulnerability Static Analysis for Containers
M9sweeperComplete Kubernetes Security Platform
TrivyFind vulnerabilities, misconfigurations, secrets, SBOM in Kubernetes
kubesecSecurity risk analysis for Kubernetes resources
Vault-k8sFirst-class support for Vault and Kubernetes
HardeneksRuns checks to see if an EKS cluster follows EKS Best Practices.
HubbleNetwork, Service & Security Observability for Kubernetes using eBPF
KubevalValidate your Kubernetes configuration files, supports multiple Kubernetes versions
ParalusParalus enables controlled, audited access to Kubernetes infrastructure and Zero trust Kubernetes with zero friction.
PeiratesKubernetes Penetration Testing tool
Kubectl-kubesecSecurity risk analysis for Kubernetes resources
jsPolicyjsPolicy is a policy engine for Kubernetes that allows you to write policies in JavaScript or TypeScript
NetchecksSet of tools for testing network conditions and asserting that they are as expected.
KubeLinterKubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices
IceKubeIceKube is a tool to help find attack paths within a Kubernetes cluster from a low privileged point, to a preferred location, typically cluster-admin
kube-rebac-authorizerBeyond RBAC: Implementing Relation-based Access Control for Kubernetes with OpenFGA
MTKPI🧰 Multi Tool Kubernetes Pentest Image
KubeZooa lightweight kubernetes multi-tenancy gateway
kubectl-modify-secretsallows user to directly modify the secret without worrying about base64 encoding/decoding
rbac-toolRapid7 insightCloudSec Kubernetes RBAC Power Toys – Visualize, Analyze, Generate & Query
KubeClarityKubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems.
MKATAll-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS
KubescapeKubernetes security platform for configuration scanning, risk analysis, and runtime protection. CNCF project that includes policy enforcement, vulnerability scanning, and RBAC visualizer
OligoObserve application behavior to see what your risks really are – and stop breaches before they begin
kube-advisor.iokube-advisor.io lets you detect misconfigurations and best practice violations of your Kubernetes clusters – continuously and in real-time
TetragoneBPF-based Security Observability and Runtime Enforcement for Kubernetes
KubeHoundTool for building Kubernetes attack paths – identify attack paths within a Kubernetes cluster
scan2htmlA Trivy plugin that scans and outputs results (vulnerabilities, misconfigurations, secrets, SBOM) to an interactive HTML file