GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → nccgroup → Scout2

nccgroup / Scout2

Licence: gpl-2.0
Security auditing tool for AWS environments

Programming Languages

python
139335 projects - #7 most used programming language
HTML
75241 projects
javascript
184084 projects - #8 most used programming language
CSS
56736 projects

Labels

securityaws

Projects that are alternatives of or similar to Scout2

Kubernetes External Secrets
Integrate external secret management systems with Kubernetes
Stars: ✭ 2,412 (+42.38%)
Mutual labels:  aws
Aws Maintenance Lambda
A lambda function to send alerts (to Slack, HipChat) on AWS maintenance events.
Stars: ✭ 133 (-92.15%)
Mutual labels:  aws
Sessions With Aws Sam
This repo contains all the SAM templates created in the Twitch series #SessionsWithSAM. The show is every Thursday on Twitch at 10 AM PDT.
Stars: ✭ 136 (-91.97%)
Mutual labels:  aws
Multi Env Deploy
Complete example of deploying complex web apps to AWS using Terraform, Ansible, and Packer
Stars: ✭ 132 (-92.21%)
Mutual labels:  aws
Developer Handbook
An opinionated guide on how to become a professional Web/Mobile App Developer.
Stars: ✭ 1,830 (+8.03%)
Mutual labels:  aws
Kube2iam
kube2iam provides different AWS IAM roles for pods running on Kubernetes
Stars: ✭ 1,774 (+4.72%)
Mutual labels:  aws
Bucc
The fastest way to get a BUCC (BOSH, UAA Credhub and Concourse)
Stars: ✭ 130 (-92.33%)
Mutual labels:  aws
Generate Ssh Configs
Automatically generate ssh config files for your cloud servers
Stars: ✭ 136 (-91.97%)
Mutual labels:  aws
Dynamo Easy
DynamoDB client for NodeJS and browser with a fluent api to build requests. We take care of the type mapping between JS and DynamoDB, customizable trough typescript decorators.
Stars: ✭ 133 (-92.15%)
Mutual labels:  aws
Aws Cli
Universal Command Line Interface for Amazon Web Services
Stars: ✭ 11,804 (+596.81%)
Mutual labels:  aws
Aws Launcher
AWS Launcher. Launch AWS Services from your macOS dock.
Stars: ✭ 132 (-92.21%)
Mutual labels:  aws
Inertia
✈️ Effortless, self-hosted continuous deployment for small teams and projects
Stars: ✭ 133 (-92.15%)
Mutual labels:  aws
Aws Mobile Appsync Events Starter React Native
GraphQL starter application with Realtime and Offline functionality using AWS AppSync
Stars: ✭ 134 (-92.09%)
Mutual labels:  aws
Terraform Aws Vpc
Terraform Module that defines a VPC with public/private subnets across multiple AZs with Internet Gateways
Stars: ✭ 130 (-92.33%)
Mutual labels:  aws
Gsts
Obtain and store AWS STS credentials to interact with Amazon services by authenticating via G Suite SAML.
Stars: ✭ 136 (-91.97%)
Mutual labels:  aws
Designing Cloud Native Microservices On Aws
Introduce a fluent way to design cloud native microservices via EventStorming workshop, this is a hands-on workshop. Contains such topics: DDD, Event storming, Specification by example. Including the AWS product : Serverless Lambda , DynamoDB, Fargate, CloudWatch.
Stars: ✭ 131 (-92.27%)
Mutual labels:  aws
Fhir Works On Aws Deployment
A serverless implementation of the FHIR standard that enables users to focus more on their business needs/uniqueness rather than the FHIR specification
Stars: ✭ 131 (-92.27%)
Mutual labels:  aws
Ebs Automatic Nvme Mapping
Automatic mapping of EBS volumes via NVMe block devices to standard block device paths
Stars: ✭ 136 (-91.97%)
Mutual labels:  aws
Amazon Transcribe Websocket Static
A static site demonstrating real-time audio transcription via Amazon Transcribe over a WebSocket.
Stars: ✭ 136 (-91.97%)
Mutual labels:  aws
React Native Aws Cognito Js
React Native AWS Cognito JS SDK
Stars: ✭ 134 (-92.09%)
Mutual labels:  aws
View All Similar Projects ➔

AWS Scout2

https://travis-ci.org/nccgroup/Scout2.svg?branch=master https://coveralls.io/repos/github/nccgroup/Scout2/badge.svg?branch=master

AWS Scout2 is no longer under development. The latest (and final) version of Scout2 can be found in https://github.com/nccgroup/Scout2/releases and https://pypi.org/project/AWSScout2.

The project has migrated to https://github.com/nccgroup/ScoutSuite.

Description

Scout2 is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout2 gathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout2 supplies a clear view of the attack surface automatically.

Note: Scout2 is stable and actively maintained, but a number of features and internals may change. As such, please bear with us as we find time to work on, and improve, the tool. Feel free to report a bug with details (e.g. console output using the "--debug" argument), request a new feature, or send a pull request.

Installation

Install via pip:

$ pip install awsscout2

Install from source:

$ git clone https://github.com/nccgroup/Scout2
$ cd Scout2
$ pip install -r requirements.txt
$ python setup.py install

Requirements

Computing resources

Scout2 is a multi-threaded tool that fetches and stores your AWS account's configuration settings in memory during runtime. It is expected that the tool will run with no issues on any modern laptop or equivalent VM. Running Scout2 in a VM with limited computing resources such as a t2.micro instance is not intended and will likely result in the process being killed.

Python

Scout2 is written in Python and supports the following versions:

  • 2.7
  • 3.3
  • 3.4
  • 3.5
  • 3.6

AWS Credentials

To run Scout2, you will need valid AWS credentials (e.g Access Key ID and Secret Access Key). The role, or user account, associated with these credentials requires read-only access for all resources in a number of services, including but not limited to CloudTrail, EC2, IAM, RDS, Redshift, and S3.

The following AWS Managed Policies can be attached to the principal in order to grant necessary permissions:

  • ReadOnlyAccess
  • SecurityAudit

Compliance with AWS' Acceptable Use Policy

Use of Scout2 does not require AWS users to complete and submit the AWS Vulnerability / Penetration Testing Request Form. Scout2 only performs AWS API calls to fetch configuration data and identify security gaps, which is not considered security scanning as it does not impact AWS' network and applications.

Usage

After performing a number of AWS API calls, Scout2 will create a local HTML report and open it in the default browser.

Using a computer already configured to use the AWS CLI, boto3, or another AWS SDK, you may use Scout2 using the following command:

$ Scout2

Note: EC2 instances with an IAM role fit in this category.

If multiple profiles are configured in your .aws/credentials and .aws/config files, you may specify which credentials to use with the following command:

$ Scout2 --profile <PROFILE_NAME>

If you have a CSV file containing the API access key ID and secret, you may run Scout2 with the following command:

$ Scout2 --csv-credentials <CREDENTIALS.CSV>

Advanced documentation

The following command will provide the list of available command line options:

$ Scout2 --help

For further details, checkout our Wiki pages at https://github.com/nccgroup/Scout2/wiki.

License

GPLv2: See LICENSE.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].