Audit

CIS¶


AWS Sec Benchmark	Script to evaluate your AWS account against the full CIS Amazon Web Services Foundations Benchmark 1.1 Usage: `$ python aws-cis-foundation-benchmark-checklist.py`


Aerides	An implementation of IaC scanning using dynamic tooling: Scout Suite and Principal Mapper with Terraform and LocalStack Uses GitHub Actions to perform automatic tests for pull requests Testing Infrastructure-as-Code Using Dynamic Tooling
ScoutSuite	Multi-cloud security auditing tool Permissions: `SecurityAudit` Usage: `$ python Scout.py --provider aws`
Prowler	CIS benchmarks and additional checks for security best practices in AWS Permissions: `SecurityAudit` Usage: `$ ./prowler -M html`
CS-Suite	Auditing the security posture of AWS/GCP/Azure infrastructure Permissions: `SecurityAudit` Usage: `$ python cs.py -env aws`
CloudSploit	Security scanning checks Permissions: `SecurityAudit` Usage: `// Edit the index.js file with your AWS key and secret` `// Run a standard scan` `$ node index.js` `// Run a compliance scan` `$ node index.js --compliance=hipaa`
Cloudsplaining	Scans accounts for violations of Least Privilege and identifies policies that can lead to Privilege Escalation, Data Exfiltration, Resource Exposure, and Infrastructure Modification
cloudlist	Obtain public assets (hostnames, IPs)


LambdaGuard	AWS Serverless Security auditing tool designed to provide asset visibility, illustrate service dependencies, and configuration checks from a security perspective
dufflebag	Searches through public EBS snapshots for secrets that may have been accidentally left in
s3_objects_check	Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files
ghostbuster	Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts You can also refer to the companion blog post