Comments (6)
@alegrey91 I would love to be a part of this!
Just for some better context, what all is already scheduled to be a part of the upcoming release?
from host-scanner.
@XDRAGON2002 sure!
I'll be out for two weeks, so if in the meantime you have some idea, feel free to share in here.
If there's some juicy information you would like to retrieve from the nodes through host-scanner
that can be useful to implement some rule in regolibrary, please share! ✌️
from host-scanner.
Hi @XDRAGON2002, thanks for your interest!
For now, we are collecting some ideas, but nothing really defined. We will probably change the code architecture in order to make it more testable and have more stability.
Additionally, we will probably move from a web-application-oriented approach where we provide endpoints to retrieve information to a CLI that scans the node and send the result to the storage component.
Then, we would also add some functionality that can enhance the host-scanner
(eg. I would like to add some information retrieval about the files present on the node, so we can check if the node has some GTFOBins, or something like that). These functionalities act to extend our list of rules in regolibrary.
from host-scanner.
@alegrey91 The changes mentioned are quite interesting to work on.
Just some things that came into my mind reading through your comment.
It's great to move to more of a cli architecture, though in terms of sending the data to the storage object, what protocols are we looking to? Http 1.1 or 2?
Since a CLI would greatly benefit from gRPC over your traditional data transfer.
In terms of adding extra functionalities, building on your example of GTFOBins for PrivEsc, do we expect the tool to crawl through the files to figure out vulns and cves or maybe just check which operations have the sudo bit on the host for the provided user?
Also how interested are we in taking inspiration from other tools operating in a similar space such as metasploit msf and/or cve-bin-tool?
These questions might not make any sense so I'll apologize in advance :)
Thanks!
from host-scanner.
Your questions make sense!
Also how interested are we in taking inspiration from other tools operating in a similar space such as metasploit msf and/or cve-bin-tool?
We might take some inspiration, thinking to our context, so kubernetes security. Keep also in mind that we have other components that can do something similar (kube-vuln, relevancy, etc.). So we should take in mind this to not overlap duties of these components.
In terms of adding extra functionalities, building on your example of GTFOBins for PrivEsc, do we expect the tool to crawl through the files to figure out vulns and cves or maybe just check which operations have the sudo bit on the host for the provided user?
I would say mostly the second option, we don't want to build a new privesc tool, but something useful to have a better feedback about the status of our node cluster.
It's great to move to more of a cli architecture, though in terms of sending the data to the storage object, what protocols are we looking to? Http 1.1 or 2?
I don't know the answer right now, but the storage component is a Kubernetes operator, so we can communicate with it through a CRD I think.
from host-scanner.
Ah, great!
That makes a lot of sense.
Feel free to let me know if I'd be of help in anyway ;)
from host-scanner.
Related Issues (7)
- kubeletConfigurations endpoint returns error if the --config kubelet parameter is not used HOT 1
- Host scanner on ARM64 does not work HOT 3
- Repo should be tagged and produce images accordingly HOT 2
- host-scanner is stuck when scanning Talos based clusters
- host scanner pods are restarting continuosly with probe related errors - Azure AKS v1.25.6 HOT 4
- Why "hostipc:true" is needed?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from host-scanner.