Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦βΈοΈ Kubestrike: an incredibly fast security auditing tool for Kubernetes :
Kubestrike performs numerous in-depth inspections of the Kubernetes infrastructure to identify security misconfigurations and issues DevOps engineers / developers may encounter when using Kubernetes, especially in production and at large scale.
kubestrike is platform independent and works equally well on many platforms like standalone k8s, Amazon EKS, Azure AKS, Google GKE, etc.
Current opportunities
Scans Kubernetes infrastructure managed by a standalone and cloud provider
During the exploration phase, the presence of various services or open ports is checked
Performs automatic scans if unsafe services, read-write, or read-only services are enabled.
Performs both Authenticated Scan and Non-Authenticated Scan
Scans a wide variety of IAM misconfigurations across a cluster
Scans a wide range of misconfigured containers
Scans for many misconfigured pod security policies
Performs with kanirovanie the presence of a wide variety of incorrectly configured network policies
Scans the privileges of a subject in the cluster
Runs commands in containers and feeds back the output
Provides endpoints of misconfigured services
Provides information about possible privilege escalation
Provides a detailed report with detailed explanation
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) clone https://github.com/vchinnipilli/kubestriker#how-to-install
2) go dir
3) # Create python virtual environment
$ python3 -m venv env
# Activate python virtual environment
$ source env/bin/activate
# Clone this repository
$ git clone https://github.com/vchinnipilli/kubestriker.git
# Go into the repository
$ cd kubestriker
# Install dependencies
$ pip install -r requirements.txt
# Incase of prompt toolkit or selectmenu errors
$ pip install prompt-toolkit==1.0.15
$ pip install -r requirements.txt
# Gearing up Kubestriker
$ python -m kubestriker
# Result will be generated in the current working directory with the name of the target
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦βΈοΈ Kubestrike: an incredibly fast security auditing tool for Kubernetes :
Kubestrike performs numerous in-depth inspections of the Kubernetes infrastructure to identify security misconfigurations and issues DevOps engineers / developers may encounter when using Kubernetes, especially in production and at large scale.
kubestrike is platform independent and works equally well on many platforms like standalone k8s, Amazon EKS, Azure AKS, Google GKE, etc.
Current opportunities
Scans Kubernetes infrastructure managed by a standalone and cloud provider
During the exploration phase, the presence of various services or open ports is checked
Performs automatic scans if unsafe services, read-write, or read-only services are enabled.
Performs both Authenticated Scan and Non-Authenticated Scan
Scans a wide variety of IAM misconfigurations across a cluster
Scans a wide range of misconfigured containers
Scans for many misconfigured pod security policies
Performs with kanirovanie the presence of a wide variety of incorrectly configured network policies
Scans the privileges of a subject in the cluster
Runs commands in containers and feeds back the output
Provides endpoints of misconfigured services
Provides information about possible privilege escalation
Provides a detailed report with detailed explanation
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) clone https://github.com/vchinnipilli/kubestriker#how-to-install
2) go dir
3) # Create python virtual environment
$ python3 -m venv env
# Activate python virtual environment
$ source env/bin/activate
# Clone this repository
$ git clone https://github.com/vchinnipilli/kubestriker.git
# Go into the repository
$ cd kubestriker
# Install dependencies
$ pip install -r requirements.txt
# Incase of prompt toolkit or selectmenu errors
$ pip install prompt-toolkit==1.0.15
$ pip install -r requirements.txt
# Gearing up Kubestriker
$ python -m kubestriker
# Result will be generated in the current working directory with the name of the target
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - vchinnipilli/kubestriker: A Blazing fast Security Auditing tool for Kubernetes
A Blazing fast Security Auditing tool for Kubernetes - vchinnipilli/kubestriker
Forwarded from DailyCVE
π΅Tufin Securechange cross-site scripting vulnerability:
(DC: 250-2021)
https://dailycve.com/tufin-securechange-cross-site-scripting-vulnerability-0
(DC: 250-2021)
https://dailycve.com/tufin-securechange-cross-site-scripting-vulnerability-0
Dailycve
Tufin Securechange cross-site scripting vulnerability | CVE
Details:
Tufin Securechange is a platform for network security used for business environments by American Tufin Group. Tufin SecureChange has a cross-site scripting flaw before R19.3 HF3 and R20-1 HF1, which is triggered by the absence of accurate clientβ¦
Forwarded from DailyCVE
π΅SQL injection vulnerability exists in cloud intelligent book management platform
(DC: 251-2021)
https://dailycve.com/sql-injection-vulnerability-exists-cloud-intelligent-book-management-platform
(DC: 251-2021)
https://dailycve.com/sql-injection-vulnerability-exists-cloud-intelligent-book-management-platform
Dailycve
SQL injection vulnerability exists in cloud intelligent book management platform | CVE
Details:
A new wave of library cluster management systems, recently built according to the existing building specifications of the general cluster and the branch libraries, is the cloud intelligent book management framework.
The smart cloud book managementβ¦
Forwarded from UNDERCODE NEWS
For the "battery gate" speed limit incident on iPhone, Apple is subject again to European class action.
#International
#International
Forwarded from UNDERCODE NEWS
Fresh patent exposure for Microsoft: to use personal details to build a robot for the automated rebirth of dead.
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Creating bash script for multiple remote logins :
Β» create a script to help copy the public key to multiple remote Linux hosts.
# vim ~ / .bin / ssh-copy.sh
Copy and paste the following code into the file (replace the following variables accordingly USER_NAME is the username to connect, HOST_FILE is the file containing the list of hostnames or IP addresses, and ERROR_FILE is the file to store any errors from the ssh command).
#! / bin / bash
USER_NAME = "root"
HOST_FILE = "/ root / hosts"
ERROR_FILE = "/ tmp / ssh-copy_error.txt"
PUBLIC_KEY_FILE = "$ 1"
if [! -f $ PUBLIC_KEY_FILE]; then
echo "File '$ PUBLIC_KEY_FILE' not found!"
exit 1
fi
if [! -f $ HOST_FILE]; then
echo "File '$ HOST_FILE' not found!"
exit 2
fi
for IP in
ssh-copy-id -i $ PUBLIC_KEY_FILE $ USER_NAME @ $ IP 2> $ ERROR_FILE
RESULT = $?
if [$ RESULT -eq 0]; then
echo ""
echo "Public key copied to $ IP successfully"
echo ""
else
echo "$ (cat $ ERROR_FILE)"
echo
exit 3
fi
echo ""
done
Save the file and close it.
Then make the script executable with the chmod command, as follows:
# chmod + x ssh-copy.sh
Now run the ssh-copy.sh script and provide your public key file as the first argument as shown below:
# ./ssh-copy.sh /root/.ssh/prod-rsa.pub
Then use ssh-agent to manage your keys, which stores your decrypted private key in memory and uses it to authenticate logins.
After starting ssh-agent add your private key to it like this:
# eval "$ (ssh-agent -s)"
# ssh-add ~ / .ssh / prod_rsa
Login to remote Linux server without password
You can now log into any of your remote hosts without entering a password to authenticate the SSH user.
This way you can automate cross-server processes.
# ssh root@10.2.xy
(be smart & don't copy our tips !|)_
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Creating bash script for multiple remote logins :
Β» create a script to help copy the public key to multiple remote Linux hosts.
# vim ~ / .bin / ssh-copy.sh
Copy and paste the following code into the file (replace the following variables accordingly USER_NAME is the username to connect, HOST_FILE is the file containing the list of hostnames or IP addresses, and ERROR_FILE is the file to store any errors from the ssh command).
#! / bin / bash
USER_NAME = "root"
HOST_FILE = "/ root / hosts"
ERROR_FILE = "/ tmp / ssh-copy_error.txt"
PUBLIC_KEY_FILE = "$ 1"
if [! -f $ PUBLIC_KEY_FILE]; then
echo "File '$ PUBLIC_KEY_FILE' not found!"
exit 1
fi
if [! -f $ HOST_FILE]; then
echo "File '$ HOST_FILE' not found!"
exit 2
fi
for IP in
cat $ HOST_FILE; dossh-copy-id -i $ PUBLIC_KEY_FILE $ USER_NAME @ $ IP 2> $ ERROR_FILE
RESULT = $?
if [$ RESULT -eq 0]; then
echo ""
echo "Public key copied to $ IP successfully"
echo ""
else
echo "$ (cat $ ERROR_FILE)"
echo
exit 3
fi
echo ""
done
Save the file and close it.
Then make the script executable with the chmod command, as follows:
# chmod + x ssh-copy.sh
Now run the ssh-copy.sh script and provide your public key file as the first argument as shown below:
# ./ssh-copy.sh /root/.ssh/prod-rsa.pub
Then use ssh-agent to manage your keys, which stores your decrypted private key in memory and uses it to authenticate logins.
After starting ssh-agent add your private key to it like this:
# eval "$ (ssh-agent -s)"
# ssh-add ~ / .ssh / prod_rsa
Login to remote Linux server without password
You can now log into any of your remote hosts without entering a password to authenticate the SSH user.
This way you can automate cross-server processes.
# ssh root@10.2.xy
(be smart & don't copy our tips !|)_
β β β Uππ»βΊπ«Δπ¬πβ β β β