This project is a CLI tool designed to enumerate and analyze Kubernetes cluster configurations. It provides functionalities to dump the cluster configuration and perform various analyses on the configurations.

pip install -U git+https://github.com/uwuzone/kube-enum.git

This tool provides several commands to dump and analyze k8s config.

To dump the configuration of a Kubernetes cluster:

pdm run kube-enum dump <KUBERNETES_API_URL> [--output <OUTPUT_FILE_PATH>]

pdm run kube-enum dump https://my-kubernetes-api-server -o config.json

The analyze command provides several subcommands to analyze the dumped Kubernetes configuration.

pdm run kube-enum analyze secrets <CONFIG_FILE> [--truncate <LENGTH>] [--skip <STRING>] [--skip-ns <NAMESPACE>]

pdm run kube-enum analyze secrets config.json --truncate 20 --skip 'BEGIN' --skip-ns kube-system

pdm run kube-enum analyze none-values <CONFIG_FILE>

pdm run kube-enum analyze none-values config.json

pdm run kube-enum analyze verbose <CONFIG_FILE>

pdm run kube-enum analyze verbose config.json

pdm run kube-enum analyze unused <CONFIG_FILE>

pdm run kube-enum analyze unused config.json

This tool is intended for ethical hacking and security analysis purposes on authorized systems only. Unauthorized use of this tool to access or modify systems without permission is illegal and unethical. Always obtain proper authorization before using this tool on any system.

For any issues or contributions, please refer to the project's repository.