The researcher Stu Hirs has published a collection of tools (an arsenal) for monitoring, auditing, training on, and finding vulnerabilities in AWS environments and accounts. All of them are open source.
Discovery
- S3 scanner: https://github.com/bear/s3scan
- S3 scanner: https://github.com/sa7mon/S3Scanner
- Generate network diagrams: https://github.com/duo-labs/cloudmapper
- Credential scanner: https://github.com/disruptops/cred_scanner
Tools
- Disable access after X days: https://github.com/te-papa/aws-key-disabler
- Secrets Management: https://github.com/awslabs/git-secrets
- Least privilege: https://github.com/Netflix/repokid
- Resource Counter: https://github.com/disruptops/resource-counter
- IAM Access Advisor: https://github.com/Netflix-Skunkworks/aardvark
Auditing
- Scout2: https://github.com/nccgroup/Scout2
- Prowler: https://github.com/toniblyx/prowler
- Policy changes & Insecure config: https://github.com/Netflix/security_monkey
- Policy & Encryption: https://github.com/capitalone/cloud-custodian
Training
Offensive
- AWS Attack Library: https://github.com/carnal0wnage/weirdAAL/wiki
Source: Segu-info.com.ar