Tutorial
5 min read
How to Find Exposed Kubernetes API Servers & Dashboards
Discover misconfigured Kubernetes clusters with exposed API servers or web dashboards.
1. Search for Kubernetes API servers
Kubernetes API servers listen on TCP 6443 by default; some distributions and managed services put it on 443 or 8443 instead. kube-apiserver ships with --anonymous-auth=true, so an unauthenticated request to /version normally returns the cluster version (the built-in system:public-info-viewer role allows exactly that). The dangerous case is a cluster where someone has bound further roles to system:anonymous or system:unauthenticated: then pods, secrets and exec are reachable with no credentials at all.
2. Find Kubernetes Dashboards
The Kubernetes Dashboard web UI is often misconfigured for public access, typically by exposing it through a NodePort or LoadBalancer Service instead of reaching it over kubectl proxy.
Tip: A login page with a "Skip" button signs you in as the dashboard's own service account. Recent releases hide that button unless the dashboard was started with --enable-skip-login, but widely copied setup guides bind that service account to cluster-admin, and then Skip really is full cluster access.
3. Search for exposed etcd
etcd (client port 2379, peer port 2380) stores all cluster state. Kubernetes Secrets live under the /registry/secrets/ key prefix and are stored base64-encoded, not encrypted, unless the API server has encryption at rest configured.
Tip: Exposed etcd = every Secret in the cluster, including TLS certificates and service account tokens. Read access is enough: any long-lived service account token found there is accepted by the API server, so you do not need write access to etcd to take the cluster over.
4. Find the kubelet API
The kubelet listens on TCP 10250 (plus the deprecated, unauthenticated read-only port 10255 where it is still enabled). If the kubelet runs with anonymous authentication on and authorization mode AlwaysAllow, GET /pods lists every pod on the node, and POST /run/<namespace>/<pod>/<container> and /exec run commands inside containers without any credentials, the kubelet's equivalent of kubectl exec.
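The four steps above, as one added triage script (not part of the original page or of any search service): it probes a single host with curl and interprets the HTTP status codes, which is where the signal is. The target host, the dashboard port 8443 and the dashboard's /api/v1/login/skippable path are assumptions; the classify_* helpers and the etcd request body need no network.

```shell
#!/bin/sh
# Added example: unauthenticated triage of one host for exposed API server,
# kubelet, etcd and dashboard. The host is hypothetical and is only probed
# when passed as $1; the classify_* helpers run offline.

CURL="curl -sk -m 5 -o /dev/null -w %{http_code}"

# kube-apiserver: a GET to /api/v1/secrets with no credentials is evaluated as
# system:anonymous. 401 = --anonymous-auth=false; 403 = anonymous auth on but
# RBAC denies (the default); 200 = a role is bound to system:anonymous or
# system:unauthenticated and the cluster is wide open. curl prints 000 when
# it cannot connect or finish the TLS handshake.
classify_apiserver() {
  case "$1" in
    200) echo "OPEN anonymous RBAC access to resources";;
    403) echo "RESTRICTED anonymous auth on, RBAC denies (default)";;
    401) echo "CLOSED anonymous auth disabled";;
    000) echo "NONE no response";;
    *)   echo "UNKNOWN status $1";;
  esac
}

# kubelet: GET /pods lists every pod on the node. 200 means anonymous auth
# plus AlwaysAllow authorization, which also exposes POST /run and /exec.
classify_kubelet() {
  case "$1" in
    200) echo "OPEN anonymous kubelet API (pod list, /run, /exec)";;
    403) echo "RESTRICTED anonymous auth on, Webhook authorization denies";;
    401) echo "CLOSED anonymous auth disabled";;
    000) echo "NONE no response";;
    *)   echo "UNKNOWN status $1";;
  esac
}

# etcd: the gRPC gateway takes JSON range queries on POST /v3/kv/range with
# base64 keys. A prefix scan uses the prefix as key and the prefix with its
# last byte incremented as range_end (what etcdctl --prefix does). This body
# lists a few keys under /registry/secrets/ without reading their values.
etcd_secrets_range_body() {
  k=$(printf '/registry/secrets/' | base64)
  e=$(printf '/registry/secrets0' | base64)
  printf '{"key":"%s","range_end":"%s","keys_only":true,"limit":5}' "$k" "$e"
}

# A 200 here means the keyspace is readable without a client certificate;
# with --client-cert-auth the handshake fails and curl reports 000.
classify_etcd() {
  case "$1" in
    200) echo "OPEN etcd keyspace readable without client cert";;
    000) echo "NONE no response or TLS client cert required";;
    *)   echo "UNKNOWN status $1";;
  esac
}

probe_host() {
  h="$1"
  api=$($CURL "https://$h:6443/api/v1/secrets")
  kub=$($CURL "https://$h:10250/pods")
  etc=$($CURL -X POST -H 'Content-Type: application/json' \
        -d "$(etcd_secrets_range_body)" "https://$h:2379/v3/kv/range")
  # Dashboard backend endpoint that reports whether Skip is offered
  # (assumed path and port; check against the build you actually find).
  dash=$(curl -sk -m 5 "https://$h:8443/api/v1/login/skippable" 2>/dev/null || echo 'no response')
  echo "apiserver : $(classify_apiserver "$api")"
  echo "kubelet   : $(classify_kubelet "$kub")"
  echo "etcd      : $(classify_etcd "$etc")"
  echo "dashboard : $dash"
}

if [ $# -gt 0 ]; then probe_host "$1"; fi
```

Run it as `sh triage.sh <host>`. A RESTRICTED API server is the normal, healthy state; OPEN on any of the three services is a finding, and OPEN on the kubelet or etcd is effectively node or cluster compromise.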
Remediation & Hardening
- Use RBAC: never bind cluster-admin to default service accounts, and audit ClusterRoleBindings that reference system:anonymous or system:unauthenticated
- Require authentication on both kube-apiserver and kubelet: --anonymous-auth=false on each, and --authorization-mode=Webhook on the kubelet so the API server's RBAC decides who may reach /pods, /run and /exec
- Use network policies to restrict pod-to-pod communication
- Never expose etcd to the public internet; require TLS client certificates (--client-cert-auth) and configure encryption at rest for Secrets
- Enforce the Pod Security Standards through the Pod Security Admission controller (PodSecurityPolicy was removed in Kubernetes 1.25)
- Rotate secrets and certificates regularly
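An added audit for the first two items above (not part of the original page): one line per ClusterRoleBinding, as produced by the kubectl jsonpath command in the comment, is run through an awk filter that flags bindings to the anonymous identities and cluster-admin grants to service accounts. The sample bindings are constructed, not taken from a real cluster.

```shell
#!/bin/sh
# Added example: flag ClusterRoleBindings that undo "no cluster-admin for
# service accounts" and "no anonymous access". Input is one binding per line,
#   <binding name> TAB <roleRef name> TAB <kind>:<namespace>/<name>,...
# which is what this prints for a live cluster:
#   kubectl get clusterrolebindings -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.roleRef.name}{"\t"}{range .subjects[*]}{.kind}:{.namespace}/{.name}{","}{end}{"\n"}{end}'

flag_risky_bindings() {
  awk -F'\t' '{
    name = $1; role = $2; n = split($3, subs, ",")
    for (i = 1; i <= n; i++) {
      s = subs[i]
      if (s == "") continue
      # Anything bound to the anonymous identities beyond the built-in
      # public-info role makes the API server answer unauthenticated requests.
      if (s ~ /^(User|Group):\/system:(anonymous|unauthenticated)$/ && role != "system:public-info-viewer")
        printf "ANON        %s binds %s to %s\n", name, role, s
      # cluster-admin on the "default" ServiceAccount makes every pod in that
      # namespace cluster-admin; on any other ServiceAccount (the dashboard is
      # the classic case) a leaked token or a Skip-login dashboard is full control.
      if (role == "cluster-admin" && s ~ /^ServiceAccount:/) {
        tag = (s ~ /\/default$/) ? "DEFAULT-SA " : "SA-ADMIN   "
        printf "%s %s grants cluster-admin to %s\n", tag, name, s
      }
    }
  }'
}

# Constructed sample in the same tab-separated shape (not a real cluster).
sample_bindings() {
  printf '%s\t%s\t%s\n' \
    cluster-admin             cluster-admin             'Group:/system:masters,' \
    kubernetes-dashboard      cluster-admin             'ServiceAccount:kubernetes-dashboard/kubernetes-dashboard,' \
    system:public-info-viewer system:public-info-viewer 'Group:/system:authenticated,Group:/system:unauthenticated,' \
    lazy-default              cluster-admin             'ServiceAccount:default/default,' \
    anon-read                 view                      'User:/system:anonymous,'
}

sample_bindings | flag_risky_bindings
```

On the sample this reports the dashboard service account, the default service account binding and the anon-read binding, and stays silent on system:masters and the built-in system:public-info-viewer binding. Against a real cluster, replace `sample_bindings` with the kubectl command from the comment; RoleBindings inside namespaces deserve the same pass with `kubectl get rolebindings -A`.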
Try It Now
Search for Kubernetes across 85M+ indexed hosts — free, no registration required.