https://github.com/0xquark/kubescanner
https://github.com/0xquark/kubescanner
Last synced: 4 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/0xquark/kubescanner
- Owner: 0xquark
- Created: 2023-03-22T21:30:49.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2023-05-16T11:58:31.000Z (about 2 years ago)
- Last Synced: 2025-01-15T22:38:49.593Z (5 months ago)
- Language: Go
- Size: 30.3 KB
- Stars: 1
- Watchers: 2
- Forks: 2
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# KubeScanner
## Port Scanning Api
Input: IP or IP range + port or port range
Output: which ports are open on which IPs
`$ ./PortDiscovery ipaddr ports`
## Service Discovery API
### General concept
The service discovery's goal is to map a given host address and port to the following resolution:
* Session layer protocol: TLS, SSH or none
* Presentation layer protocol: HTTP, gRPC or else
* Application layer protocol: MySQL, ElasticSearch, K8s API server, etc.
A given host and port can be identified as "TLS, HTTP, Kubelet", or "TCP, MySQL" as an example.
Since there are a lot of protocols which are dependent on the underlying session layer, the discovery API contains abstractions (interfaces) so there is no need for example to write different code that discovers "Kubernetes API server" in the case of HTTP or HTTPS.
### Session layer protocols
See interface definitions in [types.go](types.go) of:
* `SessionLayerProtocolDiscovery` - this interface is implemented per protocol (TLS, SSH)
* `iSessionLayerDiscoveryResult` - this is the corresponding result object interface
* `iSessionHandler` - session handler interface, it must have an implementation per protocol to enable presentation layer/application layer to work whit this layer
Example implementation in [sl_tls.go](sl_tls.go) which shows how it is implemented for TLS.
### Transport layer protocols
See interface definitions in [types.go](types.go) of:
* `TransportLayerProtocolDiscovery` - this interface is implemented per protocol (HTTP, gRPC)
* `iTransportLayerDiscoveryResult` - this is the corresponding result object interface
Example implementation for HTTP discovery is in [pl_http_discovery.go](pl_http_discovery.go)
## CLI
Input: IP + Port
Output: Service type
***Also checks for anonymous access for etcd server***
`$ ./ServiceDiscovery ipaddr Port`
#