KubeSF (previously KubePWN) is a lightweight, platform-independent security audit suite for Kubernetes. It performs security posture auditing at pod and namespace levels with fix recommendations.
Key features:
- Static and runtime analysis with minimal permissions
- Identifies risky container capabilities and kernel exploits
- Detects privilege escalation vectors and service account token permissions
- Audits Seccomp, AppArmor, and SELinux configurations
- Scans for sensitive information in containers
- Includes a user-friendly dashboard
Presented at BlackHat Asia Arsenal 2025 by Abhishek S and Ajith Prabhu.
