kubestriker
pixie
Our great sponsors
kubestriker | pixie | |
---|---|---|
8 | 19 | |
978 | 5,262 | |
0.6% | 1.7% | |
0.0 | 9.4 | |
18 days ago | 11 days ago | |
Python | C++ | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kubestriker
-
Top 200 Kubernetes Tools for DevOps Engineer Like You
TerraScan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. klum - Kubernetes Lazy User Manager Kyverno - Kubernetes Native Policy Management https://kyverno.io kiosk - kiosk office Multi-Tenancy Extension For Kubernetes - Secure Cluster Sharing & Self-Service Namespace Provisioning kube-bench - CIS Kubernetes Benchmark tool kube-hunter - Pentesting tool - Hunts for security weaknesses in Kubernetes clusters kube-who-can - Show who has RBAC permissions to perform actions on different resources in Kubernetes starboard - Kubernetes-native security toolkit Simulator - Kubernetes Security Training Platform - Focussing on security mitigation RBAC Lookup - Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster https://fairwinds.com Kubeaudit - kubeaudit helps you audit your Kubernetes clusters against common security controls Gangway - An application that can be used to easily enable authentication flows via OIDC for a kubernetes cluster Audit2rbac - Autogenerate RBAC policies based on Kubernetes audit logs Chartsec - Helm Chart security scanner kubestriker - Security Auditing tool Datree - CLI tool to prevent K8s misconfigurations by ensuring that manifests and Helm charts follow best practices as well as your organization’s policies Krane - Kubernetes RBAC static Analysis & visualisation tool Flaco - The Falco Project - Cloud-Native runtime security Clair - Vulnerability Static Analysis for Containers Anchore Cli - Coomand Line Interface built on top of anchore engine to manage and inspect images, policies, subscriptions and registries Project Quay - Container image registry designed to boost the security of your repositories via vulnerability scanning and tight access control Kubescape - Tool to test if Kubernetes is deployed securely according to multiple frameworks: regulatory, customized company policies and DevSecOps best practices, such as the NSA-CISA and the MITRE ATT&CK®
-
Container security best practices: Comprehensive guide
Other tools you can use are linux-bench, docker-bench, kube-bench, kube-hunter, kube-striker, Cloud Custodian, OVAL, and OS Query.
- vchinnipilli/kubestriker - A Blazing fast Security Auditing tool for Kubernetes
- Kuberentes Security Auditing tool for devops and security professionals
- A fast Security Auditing tool for Kubernetes
- Kubestriker - A blazing fast Kubernetes security auditing tool
-
Kubestriker - A blazing fast Kubernetes security auditing tool for free
# Create python virtual environment $ python3 -m venv env # Activate python virtual environment $ source env/bin/activate # Clone this repository $ git clone https://github.com/vchinnipilli/kubestriker.git # Go into the repository $ cd kubestriker # Install dependencies $ pip install -r requirements.txt # Incase of prompt toolkit or selectmenu errors $ pip install prompt-toolkit==1.0.15 $ pip install -r requirements.txt # Gearing up Kubestriker $ python -m kubestriker # Result will be generated in the current working directory with the name of the target
- Kubestriker - A Blazing fast Security Auditing tool for kubernetes!!
pixie
- Grafana Beyla: OSS eBPF auto-instrumentation for application observability
-
Show HN: Alaz: Open-Source, Self-Hosted, eBPF-Based K8s Monitoring
I am really curious, why build another project that has similar features as another open source software pixie - https://px.dev/.
-
Open source alternatives to Grafana
Kibana is a good alternative if you can allow storing all your data in Elasticsearch, or you can use all-in-one monitoring tools like pixie https://github.com/pixie-io/pixie
-
Lens Dashboard for monitoring multiple AKS/EKS/... clusters
Plenty of paid monitoring solutions out there. Instana is pretty slick. NewRelic has a new open source tool, https://github.com/pixie-io/pixie
-
Too many cook in the kitchen? I find everyone just wanna create their own Kubernetes plugin solution.
Cilium multi-cluster mesh is a bit different, compared to service meshes, and it's L4, so should be fine with eBPF / XDP based routing. From observability standpoint I'd go for pixie - it should work just fine with both linkerd and istio, instead of Hubble, and Cilium's Tetragon was missing policies about 3-4 months ago (needs doublec-hecking if they had introduced any).
- Improving Observability of Go Services
-
Launch HN: Odigos (YC W23) – Instant distributed tracing for Kubernetes clusters
Congratulations on the launch, and thank you for choosing an awesome license!
For an unrelated reason, today I was reminded about Pixie (https://news.ycombinator.com/item?id=25375170 and https://news.ycombinator.com/item?id=31687978 and https://github.com/pixie-io/pixie#readme ), which says is also an ebpf kubernetes observability tool, also Apache licensed.
I suspect the difference may be your aspirations to move out of just kubernetes, but I wondered if that's the biggest difference between your project and theirs? Or maybe the C++ versus golang?
- Linux /proc/pid/stat parsing bugs
- Go based eBPF projects
-
Does mTLS add request latency due to ssl termination? Any best practices for performance?
eBPF solutions look cool though. I heard of https://px.dev/ which sounds similar to ciliums eBPF mesh recently.
What are some alternatives?
ScoutSuite - Multi-Cloud Security Auditing Tool
cilium - eBPF-based Networking, Security, and Observability
opencspm - Open Cloud Security Posture Management Engine
parca - Continuous profiling for analysis of CPU and memory usage, down to the line number and throughout time. Saving infrastructure cost, improving performance, and increasing reliability.
SonarQube - Continuous Inspection
tracer - 🧶 Dead simple, lightweight tracing.
cloudsploit - Cloud Security Posture Management (CSPM)
statsviz - 🚀 Visualise your Go program runtime metrics in real time in the browser
cloud-explorer - An API Gateway for Multi Cloud provider
enhancements - Enhancements tracking repo for Kubernetes
kubernetes-the-hard-way-aws - AWS version of Kelsey's kubernetes-the-hard-way
sysbindings - sysctl/sysfs settings on a fly for Kubernetes Cluster. No restarts are required for clusters and nodes.