KubeHunter

kube-hunter is an open-source Kubernetes penetration testing tool by Aqua Security that actively probes Kubernetes clusters to identify security weaknesses, misconfigurations, and vulnerabilities by simulating real-world attack vectors such as exposed APIs, insecure dashboards, compromised service accounts, and exploitable network policies from both internal and external perspectives. The tool supports passive and active hunting modes with customizable tests to detect open ports, weak access controls, privilege escalation paths, and potential attack surfaces, providing security teams with an attacker's perspective to proactively identify and remediate security gaps before they can be exploited in production environments.