AWS Recon Logo

AWS Recon

0
Free
Visit Website

A multi-threaded AWS security-focused inventory collection tool written in Ruby. This tool was created to facilitate efficient collection of a large amount of AWS resource attributes and metadata. It aims to collect nearly everything that is relevant to the security configuration and posture of an AWS environment. Existing tools (e.g. AWS Config) that do some form of resource collection lack the coverage and specificity to accurately measure security posture (e.g. detailed resource attribute data, fully parsed policy documents, and nested resource relationships). AWS Recon handles collection from large accounts by taking advantage of automatic retries (either due to network reliability or API throttling), automatic paging of large responses (> 100 resources per API call), and multi-threading parallel requests to speed up collection. Project Goals: More complete resource coverage than available tools (especially for ECS & EKS), more granular resource detail, including nested related resources in the output, flexible output (console, JSON lines, plain JSON, file, S3 bucket, and standard out), and efficient (multi-threaded, rate limited, automatic retries, and automatic result pagination).

FEATURES

ALTERNATIVES

Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.

A Lambda Function that disables AWS IAM User Access Keys after a set amount of time to reduce the risk associated with old access keys.

Cloud security platform that provides configuration monitoring, compliance management, and security analysis across multi-cloud environments.

Commercial

Nuvola is a tool for security analysis on AWS environments with a focus on creating a digital twin of cloud platforms.

A tool that discovers all AWS resources created in an account

ScubaGear assesses Microsoft 365 tenant configurations against CISA Secure Configuration Baselines, using PowerShell and Open Policy Agent to compare settings and generate compliance reports.

A cloud-native security platform that combines vulnerability management, workload protection, and security monitoring for cloud environments with context-aware threat detection capabilities.

Commercial

A tool to analyze and audit AWS environments for security issues and misconfigurations.