• Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Home
  • About Darknet
  • Hacking Tools
  • Popular Posts
  • Darknet Archives
  • Contact Darknet
    • Advertise
    • Submit a Tool
Darknet – Hacking Tools, Hacker News & Cyber Security

Darknet - Hacking Tools, Hacker News & Cyber Security

Darknet is your best source for the latest hacking tools, hacker news, cyber security best practices, ethical hacking & pen-testing.

GKE Auditor – Detect Google Kubernetes Engine Misconfigurations

January 1, 2021

Views: 2,741

GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security and development teams streamline the configuration process and save time looking for generic bugs and vulnerabilities.

GKE Auditor - Detect Google Kubernetes Engine Misconfigurations

The tool consists of individual modules called Detectors, each scanning for a specific vulnerability.

Installing and Using GKE Auditor to Detect Google Kubernetes Engine Misconfigurations

Installation

1
2
3
git clone https://github.com/google/gke-auditor
cd ./gke-auditor/
./build.sh

Usage

The tool has to be built by running the build.sh script first.

Once the tool is built, it can be run using the auditor.sh script, using the following options:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
./auditor.sh [-a] [-ast] [-c] [-d] [-h] [-i <arg>] [-p <arg>] [-q]
       [-r <arg>]
-a,--all          Run all detectors.
-ast,--assets     Run all detectors for each individual asset.
-c,--color        Turns on tool output coloring.
-d,--defaults     Runs detectors including Kubernetes default assets.
                   Disabled by default.
-h,--help         Print help information.
-i,--iso <arg>    Run Node Isolation detectors.
                   To run all detectors, omit the argument list.
                   To specify individual detectors to run, give a list of
                   indices:
                   1. NODE_SELECTOR_POD_REJECTED
                   2. NODE_TAINTS_POD_REJECTED
                   3. NODE_AFFINITY_POD_REJECTED
-p,--psp <arg>    Run PSP (Pod Security Policy) detectors.
                   To run all detectors, omit the argument list.
                   To specify individual detectors to run, give a list of
                   indices:
                   1. PRIVILEGED_CONTAINERS
                   2. CONTAINERS_SHARING_HOST_PROCESS_ID_NAMESPACE
                   3. CONTAINERS_SHARING_HOST_IPC
                   4. CONTAINER_SHARING_HOST_NETWORK_NAMESPACE
                   5. CONTAINERS_ALLOW_PRIVILEGE_ESCALATION
                   6. ROOT_CONTAINERS_ADMISSION
                   7. CONTAINERS_NET_RAW_CAPABILITY
                   8. CONTAINERS_ADDED_CAPABILITIES
                   9. CONTAINERS_CAPABILITIES_ASSIGNED
-q,--quiet        Prints out only misconfigurations, without additional
                   detector info. Disabled by default.
-r,--rbac <arg>   Run RBAC (Role Based Access Control) detectors.
                   To run all detectors, omit the argument list.
                   To specify individual detectors to run, give a list of
                   indices:
                   1. CLUSTER_ADMIN_ROLE_USED
                   2. SECRET_ACCESS_ALLOWED
                   3. WILDCARD_USED
                   4. CREATE_PODS_ALLOWED
                   5. AUTOMOUNT_SERVICE_ACCOUNT_TOKEN_ENABLED
                   6. ESCALATING_RESOURCES_REPORT

General Detector Output Format for GKE Auditor

  • Detector: Detector name
  • Explanation: A short explanation of the concept that is being checked. Describes how and why the concept be a security issue. Often includes links to the documentation for more information.
  • Remediation: Steps to take in order to review the problem and resolve the vulnerability.
  • Useful links: Links to the documentation or other resources where the customer can learn about the issues at hand.
  • Level: one of [VULNERABILITY, WARNING]. VULNERABILITY implies security recommendations are not being followed, whereas a WARNING is informational and implies a potential vulnerability could exist.
  • Severity: one of [LOW, MEDIUM, HIGH]. Indicator of the seriousness of detected issues.
  • Vulnerable assets: List of assets that have the above-described vulnerability.
  • You can download GKE Auditor here:

    gke-auditor-master.zip

    Or read more here.

    Related Posts:

    • An Introduction To Web Application Security Systems
    • Upload_Bypass - Bypass Upload Restrictions During…
    • testssl.sh - Test SSL Security Including Ciphers,…
    • Falco - Real-Time Threat Detection for Linux and Containers
    • Pupy Download - Open-Source Remote Administration Tool - RAT
    • HTTrack - Website Downloader Copier & Site Ripper Download
    Share
    Tweet34
    Share
    Buffer12
    WhatsApp
    Email
    46 Shares

    Filed Under: Countermeasures



    Primary Sidebar

    Search Darknet

    • Email
    • Facebook
    • LinkedIn
    • RSS
    • Twitter

    Advertise on Darknet

    Latest Posts

    Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

    Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

    Views: 175

    Automated internet traffic will now overtake human activity, presenting sophisticated cyber threats … ...More about Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation

    TREVORspray - Credential Spray Toolkit for Azure, Okta, OWA & More

    TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More

    Views: 342

    TREVORspray is a purpose-built password spraying utility designed for red teams and offensive … ...More about TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More

    Force Push Scanner - Hunt GitHub Dangling Commits for Leaked Secrets

    Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets

    Views: 349

    Force Push Scanner is an offensive security tool that identifies secrets inadvertently left in … ...More about Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets

    Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

    Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

    Views: 5,485

    Darknet marketplaces remain central to illicit trade in 2025, with evolving business models, payment … ...More about Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends

    Caracal - Rust eBPF Rootkit for Stealthy Post-Exploitation

    Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation

    Views: 519

    Caracal is a new Rust-based eBPF (extended Berkeley Packet Filter) rootkit that provides a stealth … ...More about Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation

    Windows_EndPoint_Audit - Endpoint Security Auditing Toolkit

    Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit

    Views: 575

    Windows_EndPoint_Audit from ITAuditMaverick introduces a powerful method for offensive security … ...More about Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit

    Topics

    • Advertorial (28)
    • Apple (46)
    • Cloud Security (2)
    • Countermeasures (231)
    • Cryptography (84)
    • Dark Web (1)
    • Database Hacking (89)
    • Events/Cons (7)
    • Exploits/Vulnerabilities (432)
    • Forensics (65)
    • GenAI (4)
    • Hacker Culture (9)
    • Hacking News (231)
    • Hacking Tools (688)
    • Hardware Hacking (82)
    • Legal Issues (179)
    • Linux Hacking (74)
    • Malware (240)
    • Networking Hacking Tools (353)
    • Password Cracking Tools (105)
    • Phishing (41)
    • Privacy (219)
    • Secure Coding (119)
    • Security Software (236)
    • Site News (51)
      • Authors (6)
    • Social Engineering (37)
    • Spammers & Scammers (76)
    • Stupid E-mails (6)
    • Telecomms Hacking (6)
    • UNIX Hacking (6)
    • Virology (6)
    • Web Hacking (384)
    • Windows Hacking (170)
    • Wireless Hacking (45)

    Security Blogs

    • Dancho Danchev
    • F-Secure Weblog
    • Google Online Security
    • Graham Cluley
    • Internet Storm Center
    • Krebs on Security
    • Schneier on Security
    • TaoSecurity
    • Troy Hunt

    Security Links

    • Exploits Database
    • Linux Security
    • Register – Security
    • SANS
    • Sec Lists
    • US CERT

    Footer

    Most Viewed Posts

    • Brutus Password Cracker Hacker – Download brutus-aet2.zip AET2 (2,333,818)
    • Darknet – Hacking Tools, Hacker News & Cyber Security (2,173,359)
    • Top 15 Security Utilities & Download Hacking Tools (2,096,839)
    • 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) (1,199,813)
    • Password List Download Best Word List – Most Common Passwords (933,804)
    • wwwhack 1.9 – wwwhack19.zip Web Hacking Software Free Download (776,476)
    • Hack Tools/Exploits (673,480)
    • Wep0ff – Wireless WEP Key Cracker Tool (530,461)

    Search

    Recent Posts

    • Defending Against Malicious Botnets in 2025 Automated Traffic Threats and Mitigation July 16, 2025
    • TREVORspray – Credential Spray Toolkit for Azure, Okta, OWA & More July 14, 2025
    • Force Push Scanner – Hunt GitHub Dangling Commits for Leaked Secrets July 11, 2025
    • Emerging Darknet Marketplaces of 2025 Anatomy Tactics & Trends July 9, 2025
    • Caracal – Rust eBPF Rootkit for Stealthy Post-Exploitation July 7, 2025
    • Windows_EndPoint_Audit – Endpoint Security Auditing Toolkit July 4, 2025

    Tags

    apple botnets computer-security darknet Database Hacking ddos dos exploits fuzzing google hacking-networks hacking-websites hacking-windows hacking tool Information-Security information gathering Legal Issues malware microsoft network-security Network Hacking Password Cracking pen-testing penetration-testing Phishing Privacy Python scammers Security Security Software spam spammers sql-injection trojan trojans virus viruses vulnerabilities web-application-security web-security windows windows-security Windows Hacking worms XSS

    Copyright © 1999–2025 Darknet All Rights Reserved · Privacy Policy