
Welcome to kube-scan, a lightweight Kubernetes Penetration Testing Tool designed to help developers, security professionals, and organizations identify vulnerabilities and secure their Kubernetes clusters.


About Me

My name is Aaron Braundmeier, and I’m currently the Director of Kubernetes Engineering at Mastercard. With over a decade of experience in the tech industry, my career has been focused on engineering, DevOps, and cloud-native technologies, in particular Kubernetes and cloud security.

I currently hold various relevant certifications:

  • Certified Kubernetes Administrator (CKA)
  • Kubernetes and Cloud Native Security Associate (KCSA)
  • Kubernetes and Cloud Native Associate (KCNA)
  • Certified GitOps Associate (CGOA)
  • ArgoCD Certification (CAPA)
  • Google Cloud Cybersecurity

I’ve worked on projects ranging from building Kubernetes clusters to leading large-scale migrations to cloud-native architectures. My experience spans designing secure systems, implementing CI/CD pipelines, and modernizing legacy systems for Fortune 500 companies.


Why I Built This Tool

Kubernetes has become a cornerstone of modern infrastructure, but its flexibility also makes it a common target for attackers. While existing tools address some aspects of security, I saw an opportunity to create a comprehensive and user-friendly solution for penetration testing Kubernetes clusters. Some of the key goals of kube-scan that I've tried to focus on are to:

  • Empower organizations to proactively identify vulnerabilities.
  • Simplify penetration testing workflows by providing actionable insights and clear reporting.
  • Create a tool that can grow to cover emerging Kubernetes attack vectors and scenarios.

What Sets kube-scan Apart?

Unlike other tools, kube-scan is designed to be both thorough and accessible:

  • Thorough Testing: Covers a wide range of attack vectors, including CVE exploitation, misconfigurations, and exposed endpoints.
  • Simple Deployment: Runs effortlessly via Docker, making it easy to integrate into workflows without exposing sensitive source code.
  • Clear Reporting: Outputs professional-grade reports that are accessible through a web interface for ease of use.

Thank you for visiting! If you have feedback or suggestions for improving the tool, feel free to reach out. Together, we can build a more secure Kubernetes ecosystem.