The AWS Security Open Source Toolkit

 

I love AWS. I love Open Source. I love Security. So I’ve been bringing together a compilation of the best tools available to monitor, audit, train up on and find exposures in your AWS accounts.

You can find the GitHub repo here; https://github.com/stuhirst/awssecurity/blob/master/arsenal.md

Please add to that if you wish!

Discovery:

Generate a report of all S3 buckets for an account: https://github.com/bear/s3scan

Find open S3 buckets: https://github.com/sa7mon/S3Scanner

Generate Network Diagrams: https://github.com/duo-labs/cloudmapper

Cred Scanner: https://github.com/disruptops/cred_scanner

Tools:

Disable Access Keys after X days; https://github.com/te-papa/aws-key-disabler

Secrets Management; https://github.com/awslabs/git-secrets

Least Privilege: https://github.com/Netflix/repokid

Resource Counter: https://github.com/disruptops/resource-counter

IAM Access Advisor: https://github.com/Netflix-Skunkworks/aardvark

Auditing:

Scout2: https://github.com/nccgroup/Scout2

Prowler: https://github.com/toniblyx/prowler

Policy changes & Insecure config: https://github.com/Netflix/security_monkey

Policy & Encryption; https://github.com/capitalone/cloud-custodian

Training:

http://flaws.cloud/

Offensive:

AWS Attack Library; https://github.com/carnal0wnage/weirdAAL/wiki

Thanks to all the awesome open-sourcers who make these possible!

Original Post: https://medium.com/@StuHirstInfoSec/the-aws-security-open-source-toolkit-eb3e92566eaf

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Up ↑

%d bloggers like this: