Skip to content

AWS Security Tools (AST) in a simple Docker container. 📦

License

Notifications You must be signed in to change notification settings

nawang87/aws-security-toolbox

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

AWS Security Toolbox 🔒

This toolbox will bring to you all necessary apps and tooling as a simple portable and preinstalled Docker container for SecOps on AWS, especially for auditing and assessments purpose.

This will reduce the overhead and the headache of installation these tools and dependencies.

Included Tools

Getting Started

Optional (host machine)

Requirements

  • docker macOS or Linux
  • awscli installed & configured
  • create .env file before building your Docker image locally (see .env.example) to set your DEFAULT_AWS_REGION

Usage

Clone the repository:

    $ git clone https://github.com/z0ph/aws-security-toolbox.git

There is two options to use this toolbox,

  • Option #1 (Interactive), you are using local awscli with ~/.aws/credentials populated.
  • Option #2 (aws-vault), you want to use your local aws-vault installation.

Info: Working directory within the container: /opt/secops

Option 1 (Interactive)

    $ ./ast.sh login

When you are logged into the shell of the container in interactive mode (-it), you will be able to perform your audit/assessment with confidence thanks to pre-populated tools.

Example:

    $ ./opt/secops/prowler/prowler -b | ansi2html -la > /tmp/prowler-report.html

nb: /tmp is mapped to your own (host machine) /tmp folder.

Option 2 (aws-vault)

    $ ./ast.sh exec /opt/secops/prowler/prowler -b -s > report-prod.txt 

nb: if you are not using default aws-vault profile name, please modify options in ast.sh

Optional

if you want to build your own container locally to get latest updates from tools maintainers, run the following command.

    $ make build

License

This project is licensed under the MIT License - see the LICENSE file for details

Authors

  • Victor GRENU - Initial work - zoph.io

About

AWS Security Tools (AST) in a simple Docker container. 📦

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Shell 60.1%
  • Dockerfile 27.7%
  • Makefile 12.2%