K8Spider
K8Spider is a powerful and fast tool designed for low privilege Kubernetes service discovery. It operates like a spider within your Kubernetes environment, hunting for other services and their exposed ports. Inspired by k8slanparty.com, K8Spider extends the capabilities of traditional service discovery tools, allowing users to scan all services installed in a Kubernetes cluster.
Key Features:
- Comprehensive Scanning: Scan all services and exposed ports in your Kubernetes cluster.
- Multiple Attack Modes: Supports normal, advanced, and customized attack modes for thorough service discovery.
- Threading Support: Allows for higher threading to speed up the scanning process.
- DNS Querying: Can query DNS records to find services and their details.
- Easy Deployment: Simple commands to run within Kubernetes pods.
Benefits:
- Low Privilege Operation: Designed to work with low privilege, making it safer for use in production environments.
- Enhanced Discovery: Helps in identifying services that may not be easily discoverable through standard methods.
- Open Source: Available on GitHub, allowing for community contributions and improvements.
Highlights:
- Supports various attack commands including wildcard and AXFR dumping.
- Provides detailed output of discovered services and their metrics.
- Ideal for security professionals and DevOps teams looking to enhance their Kubernetes security posture.
