Awesome
AWS Security Toolbox (AST) :lock:
This toolbox will bring to you all necessary apps and tooling as a simple portable and preinstalled Docker container for SecOps on AWS, especially for auditing and assessments purpose.
This will reduce the overhead and the headache of installation these tools and dependencies.
Included Tools
Getting Started
Optional (host machine)
Requirements
- docker macOS or Linux
awscli
installed & configured- create
.env
file before building your Docker image locally (see .env.example) to set yourDEFAULT_AWS_REGION
andPROFILE_NAME
(for aws-vault)
Usage
Clone the repository:
$ git clone https://github.com/z0ph/aws-security-toolbox.git
There is two options to use this toolbox,
- Option #1 (Interactive), you are using local
awscli
with~/.aws/credentials
populated. - Option #2 (
aws-vault
), you want to use your localaws-vault
installation.
Info: Working directory within the container: /opt/secops
Option 1 (Interactive)
$ ./ast.sh login
When you are logged into the shell of the container in interactive mode (-it
), you will be able to perform your audit/assessment with confidence thanks to pre-populated tools.
Example:
$ ./opt/secops/prowler/prowler -b | ansi2html -la > /tmp/prowler-report.html
nb: /tmp
is mapped to your own (host machine) /tmp
folder.
Option 2 (aws-vault
)
$ ./ast.sh exec /opt/secops/prowler/prowler -b -s > report-prod.txt
nb: if you are not using default
aws-vault profile name, please modify options in ast.sh
Optional
if you want to build your own container locally to get latest updates from tools maintainers, run the following command.
$ make build
License
This project is licensed under the MIT License - see the LICENSE file for details
Authors
- Victor GRENU - Initial work - zoph.io