Metabadger
0
Free
Metabadger helps prevent SSRF attacks on AWS EC2 by automating upgrades to the more secure Instance Metadata Service v2 (IMDSv2). It diagnoses current usage, prepares for upgrades, and allows disabling of the service where not needed to reduce attack surface. Metabadger prepares you to upgrade to v2 of the Instance Metadata service to safeguard against v1 attack vectors. It gives you the ability to specifically update your instances to only use IMDSv2. It also gives you the ability to disable the Instance Metadata service where you do not need it as a way to reduce attack surface. The AWS metadata service essentially gives you access to all the things within an instance, including the instance role credential & session token. Known SSRF vulnerabilities that exploit and use this attack as a pivot into your environment. The famous attacks you have heard about, some of which involved this method of gaining access via a vulnerable web app with access to the instance metadata service. Attacker could take said credentials from metadata service and use them outside of that particular instance. IMDSv2 and why it should be used: Ensuring that instances are configured to use IMDSv2. This is the recommended configuration for new instances. It is also recommended to disable the instance metadata service where it is not needed. This is to reduce the attack surface. Metabadger helps you do this. It helps you prepare for the upgrade to IMDSv2. It helps you update your instances to only use IMDSv2. It helps you disable the instance metadata service where you do not need it. This is to reduce the attack surface. Metabadger helps you do this. It helps you prepare for the upgrade to IMDSv2. It helps you update your instances to only use IMDSv2. It helps you disable the instance metadata service where you do not need it. This is to reduce the attack surface.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
A multi-threaded AWS security-focused inventory collection tool with comprehensive resource coverage and efficient data collection methods.
Free
Lists AWS resources using the AWS Cloud Control API and writes them to a JSON output file.
Free
Automate actions on Security Command Center findings with automated disk snapshots, IAM grant revocation, and more.
Free
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems.
Free
Cloud Security Dashboard with AWS CIS Security Benchmarks and JIRA integration.
Free
gVisor is an application kernel that provides isolation for running sandboxed containers.
Free
A detection-as-code platform for streamlining cloud security operations and responding to security incidents.
Free
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security