Security Scanner for Kubernetes

Webb Scanner - Loadtest - Network Scanners

Scanners

Run the scanners

In Docker for Kubernetes

We have taken regular scanners and setup so they run in docker for kubernets. They take enviromant values to start and outpur the result in json for you logsystem to use

Log Stack

The output from the scanners need to be collected and use. For this we use Elasticsearch and Kibana. To process logs fluentd is used. Here is a demo logstack

GitRepo : https://bitbucket.org/sammaio/nmap/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Kubernetes

Our kubernetes operator setup cronjob scans on all service and ingress objects

GitRepo : https://bitbucket.org/sammaio/nmap/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

AWS (EKS)

AWS ip are found by our aws client and cronjob are setup to all AWS ip

GitRepo : https://bitbucket.org/sammaio/nmap/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Oneliner

You can trigger any scan with a oneliner docker command

GitRepo : https://bitbucket.org/sammaio/nmap/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Join

Join ore slack channel here / Fork our repos and push back updates / ore use the form bellow


Copyright © samma.io 2019

Nmap Project

Nmap scanner scans the endpoint and detects open ports, TLS settings and fingerprint the webserver

Out scanner has tre diffrent scanners. One with cheks open ports and logs all openports. One that check what TLS settings and ciffers that are used. And the last scanner tryies to detect the webserver version

GitRepo : https://bitbucket.org/sammaio/nmap/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Status : Working

Close

Arachni

Arachini web security framwork

Scan the applications for commin security findings

GitRepo : https://bitbucket.org/sammaio/arachni/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Webbpage : https://www.arachni-scanner.com

Status : Working

Close

Nikto Webb Scanner

Nikto

web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software

GitRepo : https://bitbucket.org/sammaio/arachni/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Webbpage : https://cirt.net/Nikto2

Status : Working

Close

Artillery

Artillery Load Testing

Artillery is a lead test tool. We have it as a scanner and run it get a basic load test baseline

GitRepo : https://bitbucket.org/sammaio/arachni/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Webbpage : https://artillery.io/

Status : Working

Close

OpenVAS

OpenVAS

OpenVAS is a full-featured vulnerability scannere

GitRepo : https://bitbucket.org/sammaio/arachni/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Webbpage : http://openvas.org/

Status : Not Working

Close

Wapiti

Wapiti

It performs "black-box" scans (it does not study the source code) of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms and their inputs, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

GitRepo : https://bitbucket.org/sammaio/arachni/src/master/

Docker : https://bitbucket.org/sammaio/nmap/src/master/

Webbpage : http://wapiti.sourceforge.net/

Status : Working

Close