Merge pull request #320 from lanjelot/cloudsplaining

New cloudsplaining tool to AWS Pentest page
This commit is contained in:
Swissky 2021-01-12 13:42:36 +01:00 committed by GitHub
commit 836861c86e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -149,6 +149,13 @@
$ python s3-objects-check.py -p whitebox-profile -e blackbox-profile $ python s3-objects-check.py -p whitebox-profile -e blackbox-profile
``` ```
* [cloudsplaining](https://github.com/salesforce/cloudsplaining) - An AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report
```powershell
$ pip3 install --user cloudsplaining
$ cloudsplaining download --profile myawsprofile
$ cloudsplaining scan --input-file default.json
```
* [weirdAAL](https://github.com/carnal0wnage/weirdAAL/wiki) - AWS Attack Library * [weirdAAL](https://github.com/carnal0wnage/weirdAAL/wiki) - AWS Attack Library
```powershell ```powershell
python3 weirdAAL.py -m ec2_describe_instances -t demo python3 weirdAAL.py -m ec2_describe_instances -t demo