chen-keinan / kube-knark
Open Source runtime tool which help to detect malware code execution and run time mis-configuration change on a kubernetes cluster
☆36Updated 3 years ago
Alternatives and similar repositories for kube-knark:
Users that are interested in kube-knark are comparing it to the libraries listed below
- Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runti…☆54Updated 3 months ago
- ☆25Updated 10 months ago
- Aqua Enterprise scanner as a plug-in vulnerability scanner in the Harbor registry☆36Updated 5 months ago
- ☆29Updated 2 months ago
- Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification☆65Updated 3 months ago
- An query language and interactive tooling to work with SBOM data.☆14Updated 5 months ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆38Updated last year
- Kubernetes offensive framework built in eBPF☆37Updated 2 years ago
- egrets monitors egress☆45Updated 4 years ago
- Kit for building Falco drivers: kernel modules or eBPF probes☆65Updated this week
- Kubernetes admission webhook that uses cosign verify to check the subject and issuer of the image matches what you expect☆23Updated 3 weeks ago
- a tool to audit the istio service mesh☆173Updated 3 years ago
- ☆20Updated 10 months ago
- Dynamic Outbound Firewall Authorizer☆22Updated 2 years ago
- Red team tool that emulates the SolarWinds CI compromise attack vector.☆22Updated last year
- Intent driven security automation framework☆25Updated last week
- Generate a variety of suspect actions that are detected by Falco rulesets☆102Updated 2 weeks ago
- Evolution process of The Falco Project☆50Updated this week
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆50Updated 3 years ago
- Publications from the eBPF foundation☆23Updated 4 months ago
- ptrace-based event producer for udig☆67Updated 2 years ago
- ☆11Updated 2 months ago
- Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass☆18Updated 3 years ago
- Proof-of-Concept python script that implements DNS spoofing attack in Kubernetes environment from a pod located on a Worker server☆14Updated 4 years ago
- A repository to store Rad Fingerprinting data.☆24Updated 8 months ago
- agent for handling seccomp descriptors for container runtimes☆46Updated last year
- INTERCEPT / Policy as Code Auditing & Compliance☆84Updated 2 months ago
- Use eBPF to inject chaos into local processes☆64Updated 6 months ago
- Inspect SSL/TLS traffic using eBPF☆19Updated 5 months ago
- Go implementation of witness☆33Updated this week