ScoutSuite is a really nice security tool to audit your cloud solutions.
I have used it on the AWS cloud and it instantly gave me some things to inspect further and it was easy to get started with. However the tool also support other cloud providers as Azure, GCP and more.
The project is based on Python and can be installed like this.
virtualenv -p python3 venv
source venv/bin/activate
pip install scoutsuite
I recommend to use the custom policy provided by their wiki page when running against AWS. With that you will give the tool minimal privileges.
Set up a new profile in the aws credential file that is using the policy above when authenticating against AWS, call the profile, scoutprofile
.
[default]
aws_access_key_id = AKIA...
aws_secret_access_key = thesecretkey
[scoutprofile]
aws_access_key_id = AKIA...
aws_secret_access_key = anothersecretkey
Now we can use the command below to start the application.
$ python scout.py aws --profile scoutprofile
This will start to query the AWS API to find out as much as possible about your AWS environment. When done, it will create a nice web page with a report on all the findings.
I really recommend you to try it out, I had valuable feedback on my first try and the investment to get it running was quite low.
There are of course many tools out there to try out, if you want to explore more, then this curated list is a great resource.
Happy auditing!
Top comments (0)