Kali Linux

Poro : Scan Publicly Accessible Assets On Your AWS Cloud Environment

Poro is a tool to Scan for publicly accessible assets on your AWS environment

Services covered by this tool:

  • AWS ELB
  • API Gateway
  • S3 Buckets
  • RDS Databases
  • EC2 instances
  • Redshift Databases

Poro also check if a tag you specify is applied to identified public resources using –tag-key and –tag-value arguments.

Prequisites

  • AWS account with Read Only Access to services listed above.
  • Python 3.X
  • requests>=2.22.0
  • boto3>=1.20
  • botocore>= 1.20
  • enlighten>=1

Usage

  • Clone this repository
  • Configure your envionment with active credentials -> aws configure [sso]
  • Run python poro.py [-h] [–profile PROFILE] [–export FILE_NAME] [–verbose] [–tag-key KEY] [–tag-value VALUE]

optional arguments:
-h, –help show this help message and exit
–profile PROFILE Specify the aws profile (default is default)
–export FILE_NAME Specify the file name if you want to expport the results
–verbose, -v
–tag-key KEY Specify the tag key that you want to check if it exists in public resources
–tag-value VALUE Specify the tag value that you want to check if it exists in public resources

Poro prints the scanning results at the end of it’s execution in a json file if no export option is not specified.

R K

Recent Posts

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

19 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

20 hours ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

22 hours ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

22 hours ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

22 hours ago

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

2 days ago