TrailBlazer Logo

TrailBlazer

0
Free
Visit Website

TrailBlazer is a tool written to determine what AWS API calls are logged by CloudTrail and what they are logged as. It can also be used as an attack simulation framework. It uses the python AWS SDK library called boto3 to make the API calls into AWS. It enumerates the services provided in the SDK, regions the services are available, and then determines what API calls there are for the given service by exploring the function set. It bypasses the boto3 client-side validation to make mostly improper requests into AWS. Mostly is the keyword here due to the fact that if an API call does not require a parameter, the API call sent by TrailBlazer will be 100% valid. Due to the way AWS logs, these requests will be logged as Invalid Parameters or Unauthorized due to the inconsistency in CloudTrail logging.

FEATURES

ALTERNATIVES

Docker's Actuary automates security best-practices checks for Docker containers.

A collection of tools to debug and inspect Kubernetes resources and applications, managing eBPF programs execution and mapping kernel primitives to Kubernetes resources.

Implements a cloud version of the Shadow Copy attack against domain controllers in AWS, allowing theft of domain user hashes.

Burp extension for identifying cloud buckets and testing for vulnerabilities

A Terraform module to set up a secure AWS account configuration baseline

A command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Collection of Kubernetes manifests creating pods with elevated privileges for security testing.