AWS-Loot tool allows quick enumeration over large sets of AWS instances and services.
Install
pip install -r requirements.txt
An AWS credential file (.aws/credentials) is required for authentication to the target environment
Awsloot works by going through EC2, Lambda, CodeBuilder instances and searching for high entropy strings. The EC2 Looter works by querying all available instance ID’s in all regions and requesting instance’s USERDATA where often developers leave secrets. The Lambda looter operates across regions as well. Lambada looter can search all available versions of a found function. It starts by searching the functions environment variables then downloads the source code and scans the source for secrets. The Codebuilder Looter works by searching for build instances and searching those builds for environment variables that might contain secrets.
Python3 awsloot.py
Pingora is a cutting-edge Rust framework designed to build fast, reliable, and programmable networked systems.…
DockerSpy is a powerful tool designed to perform Open Source Intelligence (OSINT) on Docker Hub,…
Anki is a powerful, open-source flashcard software designed to enhance learning and memory retention through…
Rolldown is an innovative JavaScript/TypeScript bundler written in Rust, designed to revolutionize the development workflow…
Invoke-ArgFuscator is an open-source, cross-platform PowerShell module designed to obfuscate command-line arguments for system-native executables.…
Morgan is an advanced JavaScript security analyzer designed to detect and mitigate sensitive data exposure…