// the find
vchinnipilli/kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Kubestriker is a Python CLI (and optional web UI) that scans Kubernetes clusters for security misconfigurations — anonymous API access, exposed kubelet ports, overly permissive RBAC, privileged containers, and similar issues. It works against EKS, AKS, GKE, and self-hosted clusters. Aimed at security engineers and DevOps teams who want a quick audit without standing up a full-blown security platform.
Cross-platform coverage is real — it wraps the official Python Kubernetes client and tests against all major managed offerings, not just one cloud. The kubelet checks (both read-only port 10255 and read-write port 10250) are genuinely useful and often missed in manual audits. RBAC analysis goes beyond surface-level listing; it traces role bindings to identify which identities have cluster-admin equivalent permissions. CI/CD integration via Jenkins/Azure Pipelines/Bamboo lets teams shift this left rather than treating it as a one-off pentest.
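One way to implement the role-binding trace described above, as an added example rather than kubestriker's own code; the "cluster-admin equivalent" heuristic (a rule with wildcards on verbs, resources and API groups) and the sample RBAC objects are assumptions constructed for this demo:

```python
# Added example (not kubestriker's code). Inputs are dicts shaped like the
# API objects from `kubectl get clusterroles,clusterrolebindings -o json`.
WILDCARD = "*"

def is_cluster_admin_equivalent(role: dict) -> bool:
    """Assumed heuristic: any rule granting every verb on every resource in
    every API group makes the ClusterRole cluster-admin equivalent."""
    return any(WILDCARD in rule.get("verbs", [])
               and WILDCARD in rule.get("resources", [])
               and WILDCARD in rule.get("apiGroups", [])
               for rule in role.get("rules", []))

def find_cluster_admin_subjects(cluster_roles: list, bindings: list) -> set:
    """Return {(kind, namespace, name)} of subjects with cluster-wide admin
    rights. Only ClusterRoleBindings count: a RoleBinding scopes even
    cluster-admin down to one namespace."""
    admin_roles = {r["metadata"]["name"]
                   for r in cluster_roles if is_cluster_admin_equivalent(r)}
    found = set()
    for b in bindings:
        ref = b.get("roleRef", {})
        if (b.get("kind") != "ClusterRoleBinding"
                or ref.get("kind") != "ClusterRole"
                or ref.get("name") not in admin_roles):
            continue
        for s in b.get("subjects", []):
            found.add((s["kind"], s.get("namespace", ""), s["name"]))
    return found

# Constructed sample data: the built-in cluster-admin, a harmless view role,
# and a custom "ops-superuser" role that is cluster-admin in all but name.
SAMPLE_CLUSTER_ROLES = [
    {"metadata": {"name": "cluster-admin"}, "rules": [
        {"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]},
        {"nonResourceURLs": ["*"], "verbs": ["*"]}]},
    {"metadata": {"name": "view"}, "rules": [
        {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list"]}]},
    {"metadata": {"name": "ops-superuser"}, "rules": [
        {"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
]
SAMPLE_BINDINGS = [
    {"kind": "ClusterRoleBinding", "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "Group", "name": "system:masters"}]},
    {"kind": "ClusterRoleBinding", "roleRef": {"kind": "ClusterRole", "name": "ops-superuser"},
     "subjects": [{"kind": "ServiceAccount", "namespace": "ci", "name": "deployer"}]},
    {"kind": "RoleBinding", "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "User", "name": "alice"}]},  # namespace-scoped only
    {"kind": "ClusterRoleBinding", "roleRef": {"kind": "ClusterRole", "name": "view"},
     "subjects": [{"kind": "Group", "name": "system:authenticated"}]},
]
```

Running `find_cluster_admin_subjects(SAMPLE_CLUSTER_ROLES, SAMPLE_BINDINGS)` flags the `system:masters` group and the `ci/deployer` service account, while `alice` is skipped because her binding is namespace-scoped.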
Last commit was April 2024 and the repo shows clear signs of stagnation — no active maintainer response to open issues, no Kubernetes 1.29+ validation. The codebase is a flat collection of scripts with no test suite whatsoever; you're trusting it on your cluster without any way to verify it doesn't produce false positives. The web app is a single YAML deploy file with no auth and no documentation on securing the dashboard itself, which is ironic for a security tool. It covers misconfigurations well but has no runtime threat detection, so it's a point-in-time audit only — don't confuse it with continuous monitoring.