Cloud Security Audit : A Command Line Security Audit Tool For Amazon Web Services

Cloud Security Audit is a command line tool that scans for vulnerabilities in your AWS Account. In easy way you will be able to identify unsecure parts of your infrastructure and prepare your AWS account for security audit.

Installation

Currently it does not support any package managers, but the work is in progress.

Building from sources

First of all you need to download it to your GO workspace:

$GOPATH $ go get github.com/Appliscale/cloud-security-audit
$GOPATH $ cd cloud-security-audit

Then build and install configuration for the application inside cloud-security-audit directory by executing:

cloud-security-audit $ make all

Also Read – DarkScrape : OSINT Tool For Scraping Dark Websites

Usage

Initialising Session

If you’re using MFA you need to tell it to authenticate you before trying to connect by using flag --mfa. Example:

$ cloud-security-audit –service s3 –mfa –mfa-duration 3600

EC2 Scan

How to use

To perform audit on all EC2 instances, type:

$ cloud-security-audit –service ec2

You can narrow the audit to a region, by using the flag -r or --region. It also supports AWS profiles – to specify profile use the flag -p or --profile.

Docs

You can find more information about encryption in the following documentation:

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html

S3 Scan

How to use

To perform audit on all S3 buckets, type:

$ cloud-security-audit –service s3

It supports AWS profiles – to specify profile use the flag -p or --profile.

Docs

You can find more about securing your S3’s in the following documentations:

R K

Recent Posts

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

11 hours ago

Bash Arrays Explained Simply: Beginner’s Guide with Examples

If you’re learning Bash scripting, one of the most useful features you’ll come across is…

1 day ago

Bash For Loop Examples Explained Simply for Beginners

If you are new to Bash scripting or Linux shell scripting, one of the most…

2 days ago

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

3 days ago

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

7 days ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

7 days ago