AWS Pentesting
our servicesScoutSuite Quickstart
Table of Contents
ScoutSuite is a great tool that can be used by internal and external security analysts to assess cloud environments. Whether performing an AWS Penetration Test, or reviewing your own cloud configuration, this can help you spot dangerous misconfigurations.
There are three steps to get started:
- Generate a read-only administrative access token.
- Create a named profile for the AWS CLI.
- Install and run ScoutSuite
Create a local AWS named profile
In ~/.aws/credentials create an entry as follows:
[default]
aws_access_key_id = AKIAJ5PXFQOC1VVEXAMPLE
aws_secret_access_key = VGdiERGP6Y7KFsjpH437qKjflBJpH+jh/JEXAMPLE
[myprofile]
aws_access_key_id=AKIAJ6ONFYOL1JEXAMPLE
aws_secret_access_key=JHysHu8F96EjqssWVIBuf43grsvDpjqaQhJRxOJrEXAMPLE
In ~/.aws/config add the default region for the profile:
[default]
region = us-east-1
[profile myprofile]
region = us-east-1
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html
Download and Install ScoutSuite
Clone ScoutSuite from the official repo.
$ git clone https://github.com/nccgroup/ScoutSuite.git
Navigate to the directory and install into a python virtual environment.
$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install scoutsuite
$ scout aws --profile myprofile
ScoutSuite should then run:
Then a browser window should open with the generated report:
References: https://github.com/nccgroup/ScoutSuite/wiki