GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → nccgroup → G Scout

nccgroup / G Scout

Licence: gpl-3.0
Google Cloud Platform Security Tool

Programming Languages

python
139335 projects - #7 most used programming language

Labels

security-auditgcp

Projects that are alternatives of or similar to G Scout

cli
The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.
Stars: ✭ 811 (+286.19%)
Mutual labels:  security-audit, gcp
Opencspm
Open Cloud Security Posture Management Engine
Stars: ✭ 191 (-9.05%)
Mutual labels:  gcp, security-audit
Cs Suite
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Stars: ✭ 815 (+288.1%)
Mutual labels:  gcp, security-audit
prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+3731.43%)
Mutual labels:  security-audit, gcp
Cloudsploit
Cloud Security Posture Management (CSPM)
Stars: ✭ 1,338 (+537.14%)
Mutual labels:  gcp, security-audit
Externalsecret Operator
An operator to fetch secrets from cloud services and inject them in Kubernetes
Stars: ✭ 177 (-15.71%)
Mutual labels:  gcp
Sbt Dependency Check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-10.95%)
Mutual labels:  security-audit
Anteater
Anteater - CI/CD Gate Check Framework
Stars: ✭ 174 (-17.14%)
Mutual labels:  security-audit
Recsech
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-17.62%)
Mutual labels:  security-audit
Hivemq Mqtt Tensorflow Kafka Realtime Iot Machine Learning Training Inference
Real Time Big Data / IoT Machine Learning (Model Training and Inference) with HiveMQ (MQTT), TensorFlow IO and Apache Kafka - no additional data store like S3, HDFS or Spark required
Stars: ✭ 204 (-2.86%)
Mutual labels:  gcp
Replica
Ghidra Analysis Enhancer 🐉
Stars: ✭ 194 (-7.62%)
Mutual labels:  security-audit
Biu Framework
Biu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)
Stars: ✭ 183 (-12.86%)
Mutual labels:  security-audit
Googlecloudarchitectprofessional
Resources to prepare for Google Certified Cloud Architect Professional Exam - 2017
Stars: ✭ 177 (-15.71%)
Mutual labels:  gcp
Awesome Security Audits
A collection of public security audits.
Stars: ✭ 175 (-16.67%)
Mutual labels:  security-audit
Lyra
Open Source Workflow Engine for Cloud Native Infrastructure
Stars: ✭ 203 (-3.33%)
Mutual labels:  gcp
Bitcoin Etl
ETL scripts for Bitcoin, Litecoin, Dash, Zcash, Doge, Bitcoin Cash. Available in Google BigQuery https://goo.gl/oY5BCQ
Stars: ✭ 174 (-17.14%)
Mutual labels:  gcp
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-13.33%)
Mutual labels:  security-audit
Checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+1600.95%)
Mutual labels:  gcp
Yawast
YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (-13.81%)
Mutual labels:  security-audit
Nndefaccts
nnposter's alternate fingerprint dataset for Nmap script http-default-accounts
Stars: ✭ 180 (-14.29%)
Mutual labels:  security-audit
View All Similar Projects ➔

G-Scout

G-Scout is a tool for auditing Google Cloud Platform configurations. By making API calls, applying security rules, and generating HTML files based on the output, G-Scout makes it easy to analyze the security of a GCP environment.

There are two ways for the project owner to grant API permissions:

  1. User Account:
    1. Use an account with Viewer and Security Reviewer permissions on the project (may require the project to activate the Google Identity and Access Management API, which can be done in the console).
    2. Approve the Oauth2 authentication request when prompted in your browser.
  2. Service Account:
    1. Go to the console service accounts page at https://console.cloud.google.com/iam-admin/serviceaccounts/project?project=[project] and create a service account.
    2. Go to IAM management console at https://console.cloud.google.com/iam-admin/iam/project?project=[project] and add Security Reviewer and Viewer permissions to the service account created in step 1.
    3. Generate a Service Account key from https://console.cloud.google.com/apis/credentials?project=[project].
    4. Place the JSON file (named keyfile.json) generated in step 3 into the application directory.
    5. Set the environment variable GOOGLE_APPLICATION_CREDENTIALS to the path of the JSON file downloaded. Or use the SDK to run gcloud auth application-default login.

To run the application:

virtualenv -p python2 venv
source venv/bin/activate
pip install -r requirements.txt
python gscout.py -h

The HTML report output will be in the "Report Output" folder.

When specifying the project name you can also use a wildcard to run G-Scout on multiple projects, for example: python gscout.py --project-name "dev-*". You can also run G-Scout on all projects in an organization like this: python gscout.py --organization "organization id", where the id will be a number you can find next to the organization name in the GCP console.

To create a custom rule, add it to the rules.py file. A Rule object takes a name, a category, and a filter function. The function will be passed a json object corresponding to the category. To see an example for each category (some of which are altered from the standard API response), see the entity_samples.json file.

Running python x_project.py will create a file showing all results across all projects G-Scout has been run on for each finding specified. Change the items in the list of rule names in x_project.py to specify which rules to generate the files for.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].