Cloud Security Audit : A Command Line Security Audit Tool For Amazon Web Services

Cloud Security Audit is a command line tool that scans for vulnerabilities in your AWS Account. In easy way you will be able to identify unsecure parts of your infrastructure and prepare your AWS account for security audit.

Installation

Currently it does not support any package managers, but the work is in progress.

Building from sources

First of all you need to download it to your GO workspace:

$GOPATH $ go get github.com/Appliscale/cloud-security-audit
$GOPATH $ cd cloud-security-audit

Then build and install configuration for the application inside cloud-security-audit directory by executing:

cloud-security-audit $ make all

Also Read – DarkScrape : OSINT Tool For Scraping Dark Websites

Usage

Initialising Session

If you’re using MFA you need to tell it to authenticate you before trying to connect by using flag --mfa. Example:

$ cloud-security-audit –service s3 –mfa –mfa-duration 3600

EC2 Scan

How to use

To perform audit on all EC2 instances, type:

$ cloud-security-audit –service ec2

You can narrow the audit to a region, by using the flag -r or --region. It also supports AWS profiles – to specify profile use the flag -p or --profile.

Docs

You can find more information about encryption in the following documentation:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html

S3 Scan

How to use

To perform audit on all S3 buckets, type:

$ cloud-security-audit –service s3

It supports AWS profiles – to specify profile use the flag -p or --profile.

Docs

You can find more about securing your S3’s in the following documentations:

• https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
• https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html
• https://docs.aws.amazon.com/AmazonS3/latest/user-guide/server-access-logging.html