Tutorial5 min read

How to Find Exposed Kubernetes API Servers & Dashboards

Discover misconfigured Kubernetes clusters with exposed API servers or web dashboards.

1

Search for Kubernetes API

Kubernetes API servers run on port 6443 by default.

port:6443 service:kubernetes
2

Find Kubernetes Dashboards

The Kubernetes Dashboard web UI is often misconfigured for public access.

http.title:"Kubernetes Dashboard"
Dashboards with "Skip" login button = full cluster access.
3

Search for exposed etcd

etcd stores all cluster state and secrets.

port:2379 product:etcd
Exposed etcd = access to all K8s secrets including TLS certs and service account tokens.
4

Find kubelet API

Kubelet API on port 10250 can allow pod execution.

port:10250

Remediation & Hardening

  • Use RBAC — never grant cluster-admin to default service accounts

  • Enable API server authentication (no anonymous-auth)

  • Use network policies to restrict pod-to-pod communication

  • Never expose etcd to the public internet

  • Use pod security standards/policies

  • Rotate secrets and certificates regularly

Try It Now

Search for Kubernetes across 85M+ indexed hosts — free, no registration required.

Search Kubernetes

More How-To Guides

How to Find Exposed Redis ServersHow to Find Exposed MongoDB DatabasesHow to Find Exposed Elasticsearch ClustersHow to Find Exposed Jenkins ServersHow to Find Exposed Docker APIsHow to Find Exposed RDP ServersHow to Find Exposed MySQL Databases