Kubestriker - Kubestriker is a platform-agnostic tool designed to tackle Kuberenetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organisation.
kubesploit - Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments
Defensive Tools
aws-iam-authenticator - A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster
cert-manager - Automatically provision and manage TLS certificates in Kubernetes
kube2iam - kube2iam provides different AWS IAM roles for pods running on Kubernetes
kube-lego - Automatically request certificates for Kubernetes Ingress resources from Let’s Encrypt
Security Tools
kube-bench - Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
kube-hunter - Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments.
KubiScan - A tool for scanning Kubernetes cluster for risky permissions in Kubernetes’s Role-based access control (RBAC) authorization model.
kubeaudit - kubeaudit helps you audit your Kubernetes clusters against common security controls