Security Researcher Detected: You might have ended up here because your site vulnerability scanner found something interesting. Hi! I'm a security engineer and I'm having a good time interacting with the people and bots that are interested in information security.
You will hopefully find this site is well-secured and I'm not interested in being hacked. I'm interested in learning about how people try to hack me, though.
What is this endpoint?
.kube/config
Kubernetes kubeconfig file containing cluster API endpoints, certificates, and authentication tokens.
What an attacker could do
Grants an attacker authenticated access to the Kubernetes cluster - listing and creating pods, reading secrets, and potentially taking over every workload and node.
How to defend it
Never place kubeconfig in a web root; keep it under a restricted home directory, use short-lived credentials, and scope RBAC tightly so a leaked context has minimal rights.
Connect with the Security Engineer
Learn More
Want to dive deeper into this topic? Check out the official documentation.
Read Official Documentation