doky

If you're running Docker, Kubernetes and both,
You can scan your Nodes, Services, Vulnerabilities even Pods.

options

default : scan Nodes, Services, Vulnerabilites

--details : scan all Kubernetes Components (Pods, Nodes, Services) and Vulnerabilities
--token TOKEN : scan all Kubernetes Components (Pods, Nodes, Services) and Vulnerabilities using token

This option can also be scanned from the Worker Node
If you haven't modified service account file or don't know your token, you can insert --token default

--service ACCOUNT : scan all Kubernetes Components (Pods, Nodes, Services) and Vulnerabilities using service account

This option can also be scanned from the Worker Node If you haven't modified service account file or don't know your service account, you can insert --service default

--proxy PORT : scan all Kubernetes Components (Pods, Nodes, Services) and Vulnerabilities locally using proxy

You have to specify the port you want to access the Api Server

--docker : scan docker containers and Vulnerabilities only for docker

You can see the result of scan on this site

>> http://hotsix.kro.kr/index.php

What Vulnerabilities?

Kubernetes >>

CVE-2019-9946
CVE-2019-11243
CVE-2019-11244
CVE-2019-1002100
CVE-2019-1002101
CVE-2018-1002100
CVE-2018-1002101
CVE-2018-1002105

More information about Kubernetes Vulnerabilities

https://www.cvedetails.com/vulnerability-list/vendor_id-15867/product_id-34016/Kubernetes-Kubernetes.html

Docker >>

CVE-2017-7308
CVE-2019-5736
CVE-2018-15664
CVE-2018-15514

More information about Docker Vulnerabilities

https://www.cvedetails.com/vulnerability-list/vendor_id-13534/product_id-28125/Docker-Docker.html

We are Good-Hot-Six

Team Member Email

An JiWon - pu1etproof@gmail.com

Lee SungYoung - kng03470@naver.com

Kwon SeungMin - in_reasona@naver.com