From 5cfa93f98bd8b676df70167716e913521e1311ed Mon Sep 17 00:00:00 2001
From: lanjelot <lanjelot@gmail.com>
Date: Tue, 12 Jan 2021 22:59:37 +1100
Subject: [PATCH] Add new cloudsplaining tool to AWS Pentest page

---
 Methodology and Resources/Cloud - AWS Pentest.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/Methodology and Resources/Cloud - AWS Pentest.md b/Methodology and Resources/Cloud - AWS Pentest.md
index e795052..e20e269 100644
--- a/Methodology and Resources/Cloud - AWS Pentest.md	
+++ b/Methodology and Resources/Cloud - AWS Pentest.md	
@@ -149,6 +149,13 @@
     $ python s3-objects-check.py -p whitebox-profile -e blackbox-profile
     ```
 
+* [cloudsplaining](https://github.com/salesforce/cloudsplaining) - An AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report
+    ```powershell
+    $ pip3 install --user cloudsplaining
+    $ cloudsplaining download --profile myawsprofile
+    $ cloudsplaining scan --input-file default.json
+    ```
+
 * [weirdAAL](https://github.com/carnal0wnage/weirdAAL/wiki) - AWS Attack Library
     ```powershell
     python3 weirdAAL.py -m ec2_describe_instances -t demo