Home

HarrierOps Kube Wiki

HarrierOps Kube is a Go CLI for operator-first Kubernetes recon. This wiki is the guide layer: quick starts, command walkthroughs, output interpretation, and practical triage order for people who need useful answers fast.

Repo docs remain the source of truth for versioned behavior and output contracts.

Start Here

Current Command Guide Coverage

Core: inventory
Identity: whoami, rbac, service-accounts, permissions, privesc
Orchestration: chains, workload-identity-pivot
Workload: workloads
Exposure: exposure
Secrets: secrets
Later depth surface: images

If you are new to HarrierOps Kube, start with Getting Started, then read whoami, inventory, and the command pages that match the cluster shape you actually see.

Current Runtime Note

The command surface in this wiki matches the current CLI, and the current live path uses HarrierOps Kube's own Kubernetes API wrapper instead of shelling out to kubectl. It still reuses the same kubeconfig, context, and namespace choices you would normally use with kubectl, but collection now happens through the tool's internal live provider.

If you want to reproduce the example output in this wiki exactly from a local checkout, you can still set HARRIEROPS_KUBE_FIXTURE_DIR and run against the repo fixtures instead of a live cluster.

The operator command shape stays the same:

harrierops-kube whoami --output table
harrierops-kube inventory --output table
harrierops-kube exposure --output table

Common First Runs

Ground the current session first:

harrierops-kube whoami --output table

Get a fast cluster-shape read:

harrierops-kube inventory --output table

Pivot into the visible edge and the joined workload story:

harrierops-kube exposure --output table
harrierops-kube workloads --output table

Then move into identity, access, and trust paths:

harrierops-kube service-accounts --output table
harrierops-kube rbac --output table
harrierops-kube permissions --output table
harrierops-kube secrets --output table
harrierops-kube privesc --output table
harrierops-kube chains workload-identity-pivot --output table

What Lives Where

Wiki: operator walkthroughs, reading order, practical interpretation, and next-step guidance
Repo docs: output contracts, schemas, and versioned implementation detail
CLI help: harrierops-kube help and harrierops-kube <command> help

Investigation Workflows

Post-Exposure Kubernetes Triage: a practical order for moving from foothold confirmation into exposed paths, workload consequence, identity, secrets, and escalation follow-up

HarrierOps Kube Wiki

Core

inventory

Identity

Orchestration

Workload

workloads

Exposure

exposure

Secrets

secrets

Investigations

Post-Exposure Kubernetes Triage

Reference

Later Depth

images (later depth surface, not yet a full guide page)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Home

HarrierOps Kube Wiki

Start Here

Current Command Guide Coverage

Current Runtime Note

Common First Runs

What Lives Where

Investigation Workflows

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

HarrierOps Kube Wiki

Clone this wiki locally