Audit

CIS

AWS Sec Benchmark
  • Script to evaluate your AWS account against the full CIS Amazon Web Services Foundations Benchmark 1.1
  • Usage: $ python aws-cis-foundation-benchmark-checklist.py

Audit

ScoutSuite
  • Multi-cloud security auditing tool
  • Permissions: SecurityAudit
  • Usage: $ python Scout.py --provider aws
Prowler
  • CIS benchmarks and additional checks for security best practices in AWS
  • Permissions: SecurityAudit
  • Usage: $ ./prowler -M html
CS-Suite
  • Auditing the security posture of AWS/GCP/Azure infrastructure
  • Permissions: SecurityAudit
  • Usage: $ python cs.py -env aws
CloudSploit
  • Security scanning checks
  • Permissions: SecurityAudit
  • Usage:
    • // Edit the index.js file with your AWS key and secret
    • // Run a standard scan
      $ node index.js
    • // Run a compliance scan
      $ node index.js --compliance=hipaa
Cloudsplaining
  • Scans accounts for violations of Least Privilege and identifies policies that can lead to Privilege Escalation, Data Exfiltration, Resource Exposure, and Infrastructure Modification
cloudlist
  • Obtain public assets (hostnames, IPs)

Specific Services

LambdaGuard
  • AWS Serverless Security auditing tool designed to provide asset visibility, illustrate service dependencies, and perform configuration checks from a security perspective
dufflebag
  • Searches through public EBS snapshots for secrets that may have been accidentally left in
s3_objects_check
  • White-box evaluation of effective S3 object permissions, to identify publicly accessible files