I love AWS. I love Open Source. I love Security. So I’ve been bringing together a compilation of the best tools available to monitor, audit, train up on and find exposures in your AWS accounts.
You can find the GitHub repo here: https://github.com/stuhirst/awssecurity/blob/master/arsenal.md
Please add to that if you wish!
Generate a report of all S3 buckets for an account: https://github.com/bear/s3scan
Find open S3 buckets: https://github.com/sa7mon/S3Scanner
Generate Network Diagrams: https://github.com/duo-labs/cloudmapper
Cred Scanner: https://github.com/disruptops/cred_scanner
Disable Access Keys after X days: https://github.com/te-papa/aws-key-disabler
Secrets Management: https://github.com/awslabs/git-secrets
Least Privilege: https://github.com/Netflix/repokid
Resource Counter: https://github.com/disruptops/resource-counter
IAM Access Advisor: https://github.com/Netflix-Skunkworks/aardvark
Policy changes & Insecure config: https://github.com/Netflix/security_monkey
Policy & Encryption: https://github.com/capitalone/cloud-custodian
AWS Attack Library: https://github.com/carnal0wnage/weirdAAL/wiki
Thanks to all the awesome open-sourcers who make these possible!