Poro - Scan Publicly Accessible Assets On Your AWS Cloud Environment
2022-4-10 20:30:0 Author: www.kitploit.com(查看原文) 阅读量:16 收藏

Scan for publicly accessible assets on your AWS environment

Services covered by this tool:

  • AWS ELB
  • API Gateway
  • S3 Buckets
  • RDS Databases
  • EC2 instances
  • Redshift Databases

Poro also check if a tag you specify is applied to identified public resources using --tag-key and --tag-value arguments.

Prequisites

  • AWS account with Read Only Access to services listed above.
  • Python 3.X
  • requests>=2.22.0
  • boto3>=1.20
  • botocore>= 1.20
  • enlighten>=1

Usage

  • Clone this repository

  • Configure your envionment with active credentials -> aws configure [sso]

  • Run python poro.py [-h] [--profile PROFILE] [--export FILE_NAME] [--verbose] [--tag-key KEY] [--tag-value VALUE]

    optional arguments:
    -h, --help show this help message and exit
    --profile PROFILE Specify the aws profile (default is default)
    --export FILE_NAME Specify the file name if you want to expport the results
    --verbose, -v
    --tag-key KEY Specify the tag key that you want to check if it exists in public resources
    --tag-value VALUE Specify the tag value that you want to check if it exists in public resources

Poro prints the scanning results at the end of it's execution in a json file if no export option is not specified.

Poro - Scan Publicly Accessible Assets On Your AWS Cloud Environment Poro - Scan Publicly Accessible Assets On Your AWS Cloud Environment Reviewed by Zion3R on 8:30 AM Rating: 5


文章来源: http://www.kitploit.com/2022/04/poro-scan-publicly-accessible-assets-on.html
如有侵权请联系:admin#unsafe.sh