The author of this project is not responsible for any damage or data loss incurred as a result of using this software.
Use this software at your own risk. While efforts have been made to ensure the accuracy and reliability of the software, it is provided “as is” without warranty of any kind.
By using this software, you agree to assume all risks associated with its use. Opinions are that of the author and not that of AWS. Review the AWS pentesting policy prior to executing any security tools on AWS Lambda.
Lemma is a Python-based AWS Lambda package and client designed to execute packaged command-line tools in a scalable, remote environment on AWS Lambda.
Lemma takes advantage of the new Response Streaming feature on AWS Lambda to stream real-time stdout back to the user as the tool is running. The Lemma project comprises three main components:
While the intented use case for Lemma is to run verbose security security tooling on AWS lambda, Lemma can be used for any type of command-line tool you wish to run remotely.
Steps to build and deploy on a fresh Ubuntu 22 instance
sudo apt update
sudo apt install docker.io python3 python3-pip
git clone https://github.com/defparam/lemma
cd lemma
export AWS_ACCESS_KEY_ID=<your access key id>
export AWS_SECRET_ACCESS_KEY=<your secret access key>
./build.sh
Web-CLI:
Terminal-CLI:
pip3 install .
(The Terminal-CLI is also available on pypi: pip install lemmacli
)lemma
~/.lemma/lemma.ini
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…