How to get rid of AWS access keys- Part 1: The easy wins

Learn how to identify unused and unnecessary long-lived IAM User access keys...

Security for Amazon Redshift

We’ll show you how to set up basic monitoring of AWS Redshift using their native security features, including how to set up a Redshift instance, creating S3 buckets, and shipping the audit logs to Cloudwatch. Basic security for Amazon Redshift can be accomplished through standard AWS security...

AWS Report - Tool For Analyzing Amazon Resources

AWS Report is a tool for analyzing amazon resources. Features Search iam users based on creation date Search buckets public Search security group with inbound rule for 0.0.0.0/0 Search elastic ip dissociated Search volumes available Search AMIs with permission public Search internet gateways...

The AWS Exploitation Framework: Pacu

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...

Security auditing tool for AWS: AWS Scout2

Scout2 is an open source tool that helps assessing the security posture of AWS environments. Using the AWS API, the Scout2 Python scripts fetch CloudTrail, EC2, IAM, RDS, and S3, configuration data. The gathered configuration is analysed and stored as JSON objects in several JavaScript files. The...