TrailScraper Logo

TrailScraper

0
Free
Visit Website

TrailScraper is a command-line tool to get valuable information out of AWS CloudTrail and a general purpose toolbox for working with IAM policies. Installation: OSX: $ brew install trailscraper Installation using pip: Requirements: Python >= 3.5 pip $ pip install trailscraper Run directly using docker: $ docker run --rm --env-file <(env | grep AWS_) -v $HOME/.aws:/root/.aws ghcr.io/flosell/trailscraper:latest Usage: Get CloudTrail events matching a filter from CloudTrail API Download some logs Download some logs in organisational trails Find CloudTrail events matching a filter in downloaded logs Generate Policy from some CloudTrail records Extend existing policy by guessing matching actions Find CloudTrail events and generate an IAM Policy Get CloudTrail events matching a filter from CloudTrail API $ trailscraper select --use-cloudtrail-api --filter-assumed-role-arn some-arn --from 'one hour ago' --to 'now' { "Records": [ { "eventTime": "2017-12-11T15:01:51Z", "eventSource": "autoscaling.amazonaws.com", "eventName": "DescribeLaunchConfigurations", ...

FEATURES

ALTERNATIVES

A customized AWS EKS setup for PCI-DSS, SOC2, and HIPAA compliance

Tool for analyzing cloud resources against best practices and generating reports.

Anchore Enterprise is a platform that protects and secures software supply chains end-to-end.

Commercial

A tool to enumerate S3 buckets for a specific target

A tool that determines what AWS API calls are logged by CloudTrail and what they are logged as, and can also be used as an attack simulation framework.

Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.

In-depth analysis and insights on various cloud security topics by Rhino Security Labs team

Ice provides a birds-eye view of cloud resources and usage patterns in AWS.

PINNED