kubestriker
OSQuery
kubestriker | OSQuery | |
---|---|---|
8 | 44 | |
978 | 21,361 | |
0.1% | 0.4% | |
0.0 | 8.8 | |
27 days ago | 1 day ago | |
Python | C++ | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubestriker
-
Top 200 Kubernetes Tools for DevOps Engineer Like You
TerraScan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. klum - Kubernetes Lazy User Manager Kyverno - Kubernetes Native Policy Management https://kyverno.io kiosk - kiosk office Multi-Tenancy Extension For Kubernetes - Secure Cluster Sharing & Self-Service Namespace Provisioning kube-bench - CIS Kubernetes Benchmark tool kube-hunter - Pentesting tool - Hunts for security weaknesses in Kubernetes clusters kube-who-can - Show who has RBAC permissions to perform actions on different resources in Kubernetes starboard - Kubernetes-native security toolkit Simulator - Kubernetes Security Training Platform - Focussing on security mitigation RBAC Lookup - Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster https://fairwinds.com Kubeaudit - kubeaudit helps you audit your Kubernetes clusters against common security controls Gangway - An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster Audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs Chartsec - Helm Chart security scanner kubestriker - Security Auditing tool Datree - CLI tool to prevent K8s misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies Krane - Kubernetes RBAC static Analysis & visualisation tool Flaco - The Falco Project - Cloud-Native runtime security Clair - Vulnerability Static Analysis for Containers Anchore Cli - Coomand Line Interface built on top of anchore engine to manage and inspect images, policies, subscriptions and registries Project Quay - Container image registry designed to boost the security of your repositories via vulnerability scanning and tight access control Kubescape - Tool to test if Kubernetes is deployed securely according to multiple frameworks: regulatory, customized company policies and DevSecOps best practices, such as the NSA-CISA and the MITRE ATT&CK®
-
Container security best practices: Comprehensive guide
Other tools you can use are linux-bench, docker-bench, kube-bench, kube-hunter, kube-striker, Cloud Custodian, OVAL, and OS Query.
- vchinnipilli/kubestriker - A Blazing fast Security Auditing tool for Kubernetes
- Kuberentes Security Auditing tool for devops and security professionals
- A fast Security Auditing tool for Kubernetes
- Kubestriker - A blazing fast Kubernetes security auditing tool
-
Kubestriker - A blazing fast Kubernetes security auditing tool for free
# Create python virtual environment $ python3 -m venv env # Activate python virtual environment $ source env/bin/activate # Clone this repository $ git clone https://github.com/vchinnipilli/kubestriker.git # Go into the repository $ cd kubestriker # Install dependencies $ pip install -r requirements.txt # Incase of prompt toolkit or selectmenu errors $ pip install prompt-toolkit==1.0.15 $ pip install -r requirements.txt # Gearing up Kubestriker $ python -m kubestriker # Result will be generated in the current working directory with the name of the target
- Kubestriker - A Blazing fast Security Auditing tool for kubernetes!!
OSQuery
-
Ask HN: SQLite in Production?
Perhaps the OP means OsQuery: https://github.com/osquery/osquery
OsQuery is an SQLite extension consisting of hundreds of virtual tables
-
Osquery: An sqlite3 virtual table exposing operating system data to SQL
There's at least one open data quality issue for `process_open_sockets` on macOS[1]. It's a few years old however and, if you aren't seeing that casting error, you probably aren't hitting it. But that's a good example of the kind of debt that's been built up over time.
(In terms of general purpose/flexible tooling, I'm not aware of a close replacement for osquery.)
[1]: https://github.com/osquery/osquery/issues/6319
- SQLite virtual table to query operating system data via SQL
-
Show HN: Natural Language to SQL "Text-to-SQL" API by Dataherald
The largest we have successfully deployed is on the OSQuery schema https://osquery.io/ which is 277 tables and lots of business context (malwares, vulnerabilities, Windows registry keys, etc).
-
Alternative to Endpoint Protector?
From a self hosted standpoint OSQuery or Wazuh are your best bets for monitoring USB devices. Windows makes blocking really challenging and I’m not aware of any “free” solutions that attempt it.
-
Firewall rules beyond "deny incoming, enable only the ports that you need"
Configure auditd to monitor host activity: https://izyknows.medium.com/linux-auditd-for-threat-detection-d06c8b941505 or osquery: https://osquery.io/ (or similar software: filebeat for example).
- Craziest thing I ever used SQLite for: partial file deduplication
-
Best Websites For Coders
OS Query : Easily ask questions about your Linux, Windows, and macOS infrastructure
-
Tool that let you know see EXE file on multiple PC?
Osquery + Fleet. https://osquery.io/ https://fleetdm.com/, using the two allows you to build a query to answer what ever questions you (or an auditor) might have about your environment.
- Osquery: SQL powered operating system instrumentation
What are some alternatives?
ScoutSuite - Multi-Cloud Security Auditing Tool
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
opencspm - Open Cloud Security Posture Management Engine
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
SonarQube - Continuous Inspection
falco - Cloud Native Runtime Security
cloudsploit - Cloud Security Posture Management (CSPM)
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
pixie - Instant Kubernetes-Native Application Observability
Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
cloud-explorer - An API Gateway for Multi Cloud provider
SaltStack - Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here: