AWS Pentesting

ScoutSuite Quickstart

our services

ScoutSuite is a great tool that can be used by internal and external security analysts to assess cloud environments. Whether performing an AWS penetration test, or reviewing your own cloud configuration, this can help you spot dangerous misconfigurations.

There are three steps to get started:

  1. Generate a readonly administrative access token.
  2. Create a named profile for the AWS CLI.
  3. Install and run ScoutSuite

Create a local AWS named profile

In ~/.aws/credentials create an entry as follows:

[default]
aws_access_key_id = AKIAJ5PXFQOC1VVEXAMPLE
aws_secret_access_key = VGdiERGP6Y7KFsjpH437qKjflBJpH+jh/JEXAMPLE


[myprofile]
aws_access_key_id=AKIAJ6ONFYOL1JEXAMPLE
aws_secret_access_key=JHysHu8F96EjqssWVIBuf43grsvDpjqaQhJRxOJrEXAMPLE

In ~/.aws/config add the default region for the profile:

[default]
region = us-east-1

[profile myprofile]
region = us-east-1

https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html

Download and Install ScoutSuite

Clone ScoutSuite from the official repo.

$ git clone https://github.com/nccgroup/ScoutSuite.git

Navigate to the directory and install into a python virtual environment.

$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install scoutsuite
$ scout aws --profile myprofile

ScoutSuite should then run:

ScoutSuite Install

Then a browser window should open with the generated report:

ScoutSuite Dashboard

References: https://github.com/nccgroup/ScoutSuite/wiki

We
Are
Changing
The
Way
Pentesting
Is
Done
  • Application
  • Network
  • Mobile
  • AWS