s3cario
0 (0)
A tool for testing AWS S3 bucket permissions and security
TrailBlazer is a tool written to determine what AWS API calls are logged by CloudTrail and what they are logged as. It can also be used as an attack simulation framework. It uses the python AWS SDK library called boto3 to make the API calls into AWS. It enumerates the services provided in the SDK, regions the services are available, and then determines what API calls there are for the given service by exploring the function set. It bypasses the boto3 client-side validation to make mostly improper requests into AWS. Mostly is the keyword here due to the fact that if an API call does not require a parameter, the API call sent by TrailBlazer will be 100% valid. Due to the way AWS logs, these requests will be logged as Invalid Parameters or Unauthorized due to the inconsistency in CloudTrail logging.
A tool for testing AWS S3 bucket permissions and security
Docker's Actuary automates security best-practices checks for Docker containers.
An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
Burp extension for identifying cloud buckets and testing for vulnerabilities
A Python script to test the security of AWS S3 buckets
A project exploring minimal set of restrictions for running untrusted code using Linux containers in a concise codebase.