Need help with aws-security-toolbox?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

z0ph
247 Stars 15 Forks Apache License 2.0 21 Commits 6 Opened issues

Description

AWS Security Tools (AST) in a simple Docker container. :package:

Services available

!
?

Need anything else?

Contributors list

# 62,351
aws-lam...
iam
cloudtr...
Amazon ...
14 commits
# 375,170
PHP
amazon-...
Amazon ...
gcp
3 commits

AWS Security Toolbox (AST) :lock:

This toolbox will bring to you all necessary apps and tooling as a simple portable and preinstalled Docker container for SecOps on AWS, especially for auditing and assessments purpose.

This will reduce the overhead and the headache of installation these tools and dependencies.

Included Tools

Getting Started

Optional (host machine)

Requirements

  • docker macOS or Linux
  • awscli
    installed & configured
  • create
    .env
    file before building your Docker image locally (see .env.example) to set your
    DEFAULT_AWS_REGION
    and
    PROFILE_NAME
    (for aws-vault)

Usage

Clone the repository:

    $ git clone https://github.com/z0ph/aws-security-toolbox.git

There is two options to use this toolbox,

  • Option #1 (Interactive), you are using local
    awscli
    with
    ~/.aws/credentials
    populated.
  • Option #2 (
    aws-vault
    ), you want to use your local
    aws-vault
    installation.

Info: Working directory within the container:

/opt/secops

Option 1 (Interactive)

    $ ./ast.sh login

When you are logged into the shell of the container in interactive mode (

-it
), you will be able to perform your audit/assessment with confidence thanks to pre-populated tools.

Example:

    $ ./opt/secops/prowler/prowler -b | ansi2html -la > /tmp/prowler-report.html

nb:

/tmp
is mapped to your own (host machine)
/tmp
folder.

Option 2 (
aws-vault
)

    $ ./ast.sh exec /opt/secops/prowler/prowler -b -s > report-prod.txt 

nb: if you are not using

default
aws-vault profile name, please modify options in
ast.sh

Optional

if you want to build your own container locally to get latest updates from tools maintainers, run the following command.

    $ make build

License

This project is licensed under the MIT License - see the LICENSE file for details

Authors

  • Victor GRENU - Initial work - zoph.io

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.