How to conduct security assesment of AWS?

This page summarizes the projects mentioned and recommended in the original post on /r/AskNetsec

Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
  • bucketeer

    Bucketeer is a small script that builds off the useful Sublist3r tool. The Tool tries to identify S3 Buckets and other useful subdomain information, that is used to perform subdomain takeover attacks.

  • PMapper

    A tool for quickly evaluating IAM permissions in AWS.

    In addition to ScoutSuite, I recommend PMapper. https://github.com/nccgroup/PMapper

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • my-arsenal-of-aws-security-tools

    List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts