Scout Suite - an open source multi-cloud security-auditing tool,

Overview

Workflow CodeCov

PyPI version PyPI downloads Docker Hub Docker Pulls

Description

Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.

Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time security-oriented view of the cloud account it was run in. Once the data has been gathered, all usage may be performed offline.

The project team can be contacted at [email protected].

Cloud Provider Support

The following cloud providers are currently supported:

  • Amazon Web Services
  • Microsoft Azure
  • Google Cloud Platform
  • Alibaba Cloud (alpha)
  • Oracle Cloud Infrastructure (alpha)

Installation

Refer to the wiki.

Usage

Scout Suite is run through the CLI:

Running Scout Suite

Once this has completed, it will generate an HTML report including findings and Cloud account configuration:

Scout Suite Report

The above report was generated by running Scout Suite against https://github.com/nccgroup/sadcloud.

Additional information can be found in the wiki. There are also a number of handy tools for automation of common tasks.

NCC Scout

Our self-service cloud account monitoring platform, NCC Scout, is a user-friendly SaaS providing you with the ability to constantly monitor your public cloud accounts, allowing you to check theyโ€™re configured to comply with industry best practice.

It features:

  • Persistent monitoring - so you know about changes or issues as they arise
  • One tool - all configuration checks in one place for speed and simplicity
  • Multi-vendor support - AWS, Azure and GCP public cloud accounts
  • Agnostic platform - a trusted third-party tool

Additional details can be found in the wiki.

NCC Scout now has a free tier under our "Freemium" offering. This offering provides access to NCC Groupโ€™s extended rulesets, keeping your cloud environment protected in-line with best practice configuration and cloud technologies. To sign up for the service, head on to https://cyberstore.nccgroup.com/our-services/service-details/16/cloud-account-monitoring.

Comments
  • release/5.9.0

    release/5.9.0

    Changes:

    • Improved provider support:
      • AWS
        • Added 4 new ELB & ELBv2 findings (thanks to @goelaarushi04)
        • Added support for the "Amazon S3 Block Public Access" feature
        • Improved Lambda partial
        • Added support for RDS Aurora instances
      • Azure
        • Improved the authentication flow, and handling of subscriptions
      • GCP
        • Added support for Stackdriver Monitoring
        • Improved report content
        • Merged IAM & Resource Manager services
        • Added logic that validates if an API is enabled for a service & project prior to making additional API calls
    • Updated the rule format, to allow remediation & compliance information, as well as external references
      • Added rationales for most rules
      • Improved rules' content, adding remediation and references for a number of rules
      • Added the class_suffix field to highlight multiple elements
      • Additional information in https://github.com/nccgroup/ScoutSuite/wiki/HowTo:-Create-a-new-rule
    • Added an option in the report (top-right menu) to export a high level finding summary
    • Added a tool/util to upload findings to AWS Security Hub (see https://github.com/nccgroup/ScoutSuite/tree/develop/tools#aws_security_hub_exportpy)
    • Improved open source project public content
    • Bug fixes

    Release pre-requisites:

    • [x] Test and update AWS minimal policy
    • [x] Update AWS IPs
    enhancement release 
    opened by x4v13r64 70
  • Azure AAD Hanging & Process Getting Killed

    Azure AAD Hanging & Process Getting Killed

    Describe the bug When running scout suite for a subscription for Azure scout stops responding after showing the information about Fetching resources for the App Services service.

    I updated to the latest version of scout suite. Running scout suite on two different systems with the same user credentials I get two different errors but in both instances the system gets stuck in both instances -

    1st instance RedHat linux -

    This was on the previous version -

    [[email protected] azure_test]# scout azure --user-account -u $u -p $PP --subscriptions xyz --debug 2020-04-02 15:58:25 ip-x.x.x.x.linux.internal scout[23057] INFO Launching Scout 2020-04-02 15:58:25 ip-x.x.x.x.linux.internal scout[23057] INFO Authenticating to cloud provider 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Running against 1 subscription(s) 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Gathering data from APIs 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the AAD service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the ARM service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the Security Center service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the SQL Database service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the Storage Accounts service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the Key Vault service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the Network service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the Virtual Machines service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] INFO Fetching resources for the App Services service 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] ERROR securitycenter.py L83: Failed to retrieve compliance results: 'SecurityCenter' object has no attribute 'compliance_results' Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/securitycenter.py", line 83, in get_compliance_results lambda: list(client.compliance_results.list(scope=scope)) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/utils.py", line 24, in run_concurrently return await run_function_concurrently(function) File "/usr/lib64/python3.7/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/securitycenter.py", line 83, in lambda: list(client.compliance_results.list(scope=scope)) AttributeError: 'SecurityCenter' object has no attribute 'compliance_results' 2020-04-02 15:58:29 ip-x.x.x.x.linux.internal scout[23057] ERROR securitycenter.py L95: Failed to retrieve regulatory compliance standards: 'SecurityCenter' object has no attribute 'regulatory_compliance_standards' Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/securitycenter.py", line 95, in get_regulatory_compliance_results lambda: list(client.regulatory_compliance_standards.list()) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/utils.py", line 24, in run_concurrently return await run_function_concurrently(function) File "/usr/lib64/python3.7/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/securitycenter.py", line 95, in lambda: list(client.regulatory_compliance_standards.list()) AttributeError: 'SecurityCenter' object has no attribute 'regulatory_compliance_standards'

    After updating to the latest version -

    Successfully installed azure-cli-core-2.3.1 azure-mgmt-compute-12.0.0 azure-mgmt-monitor-0.8.0 azure-mgmt-network-10.0.0 azure-mgmt-security-0.3.0 azure-mgmt-sql-0.18.0 azure-mgmt-storage-9.0.0 azure-mgmt-web-0.45.0 boto3-1.12.35 botocore-1.15.35 cryptography-2.9 google-auth-1.13.1 google-cloud-storage-1.27.0 httplib2-0.17.1 humanfriendly-8.1 importlib-metadata-1.6.0 knack-0.7.0rc1 oci-2.12.2 pkginfo-1.5.0.1 pytz-2019.3 pyyaml-5.3.1 rsa-4.0 scoutsuite-5.8.1 setuptools-46.1.3

    [[email protected] azure_test]# scout azure --user-account -u $u -p $PP --subscriptions xyz --debug 2020-04-02 16:32:17 ip-x.x.x.x.linux.internal scout[27034] INFO Launching Scout 2020-04-02 16:32:17 ip-x.x.x.x.linux.internal scout[27034] INFO Authenticating to cloud provider 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Running against 1 subscription(s) 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Gathering data from APIs 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the AAD service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the ARM service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the Security Center service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the SQL Database service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the Storage Accounts service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the Key Vault service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the Network service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the Virtual Machines service 2020-04-02 16:32:23 ip-x.x.x.x.linux.internal scout[27034] INFO Fetching resources for the App Services service

    2nd Instance RedHat linux - On my Macbook I get the following -

    scout azure --user-account -u $u -p $PP --subscriptions xyz --debug 2020-04-02 16:46:42 MACBOOK scout[24261] INFO Launching Scout 2020-04-02 16:46:42 MACBOOK scout[24261] INFO Authenticating to cloud provider 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Running against 1 subscription(s) 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Gathering data from APIs 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the AAD service 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the ARM service 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the Security Center service 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the SQL Database service 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the Storage Accounts service 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the Key Vault service 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the Network service 2020-04-02 16:46:51 MACBOOK scout[24261] INFO Fetching resources for the Virtual Machines service 2020-04-02 16:46:52 MACBOOK asyncio[24261] ERROR Task exception was never retrieved future: <Task finished coro=<RoleAssignments.fetch_all() done, defined at /usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/resources/arm/role_assignments.py:11> exception=AttributeError("'RoleAssignment' object has no attribute 'principal_type'")> Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/resources/arm/role_assignments.py", line 13, in fetch_all id, role_assignment = self._parse_role_assignment(raw_role_assignment) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/resources/arm/role_assignments.py", line 24, in _parse_role_assignment role_assignment_dict['principal_type'] = raw_role_assignment.principal_type AttributeError: 'RoleAssignment' object has no attribute 'principal_type' 2020-04-02 16:46:55 MACBOOK scout[24261] ERROR storageaccounts.py L61: Failed to retrieve activity logs: 'AzureCredentials' object has no attribute 'signed_session' Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/storageaccounts.py", line 61, in _get_and_set_activity_logs lambda: list(client.activity_logs.list(filter=logs_filter, select="eventTimestamp, operationName")) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/utils.py", line 24, in run_concurrently return await run_function_concurrently(function) File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/storageaccounts.py", line 61, in lambda: list(client.activity_logs.list(filter=logs_filter, select="eventTimestamp, operationName")) File "/usr/local/lib/python3.7/site-packages/msrest/paging.py", line 143, in next self.advance_page() File "/usr/local/lib/python3.7/site-packages/msrest/paging.py", line 129, in advance_page self._response = self._get_next(self.next_link) File "/usr/local/lib/python3.7/site-packages/azure/mgmt/monitor/operations/activity_logs_operations.py", line 117, in internal_paging request, header_parameters, stream=False, **operation_config) File "/usr/local/lib/python3.7/site-packages/msrest/service_client.py", line 336, in send pipeline_response = self.config.pipeline.run(request, **kwargs) File "/usr/local/lib/python3.7/site-packages/msrest/pipeline/init.py", line 197, in run return first_node.send(pipeline_request, **kwargs) # type: ignore File "/usr/local/lib/python3.7/site-packages/msrest/pipeline/init.py", line 150, in send response = self.next.send(request, **kwargs) File "/usr/local/lib/python3.7/site-packages/msrest/pipeline/requests.py", line 65, in send self._creds.signed_session(session) AttributeError: 'AzureCredentials' object has no attribute 'signed_session' 2020-04-02 16:46:55 MACBOOK scout[24261] ERROR storageaccounts.py L35: Failed to retrieve blob containers: 'ListContainerItems' object is not iterable Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/storageaccounts.py", line 35, in get_blob_containers lambda: list(client.blob_containers.list(resource_group_name, storage_account_name)) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/utils.py", line 24, in run_concurrently return await run_function_concurrently(function) File "/usr/local/Cellar/python/3.7.7/Frameworks/Python.framework/Versions/3.7/lib/python3.7/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/usr/local/lib/python3.7/site-packages/ScoutSuite/providers/azure/facade/storageaccounts.py", line 35, in lambda: list(client.blob_containers.list(resource_group_name, storage_account_name)) TypeError: 'ListContainerItems' object is not iterable

    Please provide:

    • No JSON File was generated.
    • These scripts are run behind a proxy environment the proxy variables were set before running the command in CLI.
    • I have reader permissions on the subscription image
    • The permissions given to me are limited I think in the documents Directory.read was needed but I cannot get that is there a way to run the report partially incase it's a permissions error.

    Please let me know if I am doing something wrong or if I need to provide any other details.

    bug component-provider-azure potential 
    opened by reach4bawer 46
  • Feature/dockerized

    Feature/dockerized

    Description

    Merging in the dockerhub image from rossja/ncc-scoutsuite. This PR is just a straight merge of that code to here. I created a new container/docker directory for this codebase, if that makes sense in some other directory structure instead, I'm all for that.

    The docker image is self-documented, but we should probably work on merging that documentation into the main doc/wiki (there's some updated content in that documentation related to cloud provider permissions and configurations as well that should be reviewed.)

    Fixes # 713

    Type of change

    Select the relevant option(s):

    • [X] New feature (non-breaking change which adds functionality)
    • [X] This change requires a documentation update

    Checklist:

    • [X] My code follows the style guidelines of this project
    • [X] I have performed a self-review of my own code
    • [X] I have commented my code, particularly in hard-to-understand areas
    • [X] My changes generate no new warnings
    • [X] New and existing unit tests pass locally with my changes
    enhancement 
    opened by rossja 31
  • Scout does not accept Region restriction in AWS IAM policy

    Scout does not accept Region restriction in AWS IAM policy

    https://github.com/nccgroup/ScoutSuite/wiki/AWS-Minimal-Privileges-Policy

    Based on above, If we add below lines into the above policy file to constrain scout to only accessing resources in a specific region, scout won't work, reporting many errors like below:

    "Condition": {
                    "StringEquals": {
                        "aws:RequestedRegion": "us-east-1"
                    }
     }
    

    Errors:

    2020-04-24 10:01:45 ip-172-31-16-60.us-west-2.compute.internal scout[7969] ERROR services.py L55: Could not fetch ses configuration: An error occurred (UnauthorizedOperation) when calling the DescribeRegions operation: You are not authorized to perform this operation.
    2020-04-24 10:01:45 ip-172-31-16-60.us-west-2.compute.internal scout[7969] ERROR services.py L55: Could not fetch sqs configuration: An error occurred (UnauthorizedOperation) when calling the DescribeRegions operation: You are not authorized to perform this operation.
    

    Looks like Scout can only work by --region option. but how can we guarantee minimal privilege if we want to restrict Scout to a specific region by IAM privileges?

    bug invalid 
    opened by huiweiguozi 29
  • Issue : Scoutsuite not honoring the aws profile with

    Issue : Scoutsuite not honoring the aws profile with "role_arn"

    I am currently using assume role based cross account access across all my aws accounts.

    My aws credentials file looks something like this :-

    [some_profile]
    role_arn=arn:aws:iam::XXXXXXXXXXXX:role/cross_role
    credential_source = Ec2InstanceMetadata
    

    The role does not require any external ID.

    When run using aws cli with respective profile as argument, it honors the profile configuration and gives me output pertaining to the account which is mapped to respective profile.

    However , when scoutsuite is run using --profile argument (same as what was used for aws cli) , it fetches info from the current host account from whose instance scoutsuite is being run and generates the output.

    Couldnt figure out what could be the reason of the issue.

    Other details that may help is given below :-

    $ pip freeze
    adal==1.2.2
    antlr4-python3-runtime==4.7.2
    applicationinsights==0.11.9
    argcomplete==1.10.0
    asn1crypto==0.24.0
    azure-cli-core==2.0.70
    azure-cli-nspkg==3.0.4
    azure-cli-telemetry==1.0.3
    azure-common==1.1.23
    azure-mgmt-keyvault==2.0.0
    azure-mgmt-monitor==0.7.0
    azure-mgmt-network==4.0.0
    azure-mgmt-redis==6.0.0
    azure-mgmt-resource==2.2.0
    azure-mgmt-security==0.3.0
    azure-mgmt-sql==0.12.0
    azure-mgmt-storage==4.0.0
    azure-mgmt-web==0.42.0
    azure-nspkg==3.0.2
    backports.functools-lru-cache==1.5
    bcrypt==3.1.7
    boto3==1.9.204
    botocore==1.12.204
    cachetools==3.1.1
    certifi==2019.6.16
    cffi==1.12.3
    chardet==3.0.4
    cheroot==6.5.5
    CherryPy==18.1.2
    cherrypy-cors==1.6
    colorama==0.4.1
    coloredlogs==10.0
    cryptography==2.7
    docutils==0.14
    google-api-core==1.14.2
    google-api-python-client==1.7.10
    google-auth==1.6.3
    google-auth-httplib2==0.0.3
    google-cloud-container==0.3.0
    google-cloud-core==1.0.3
    google-cloud-iam==0.2.0
    google-cloud-kms==1.2.0
    google-cloud-logging==1.12.1
    google-cloud-monitoring==0.32.0
    google-cloud-resource-manager==0.29.2
    google-cloud-storage==1.18.0
    google-resumable-media==0.3.2
    googleapis-common-protos==1.6.0
    grpc-google-iam-v1==0.12.3
    grpcio==1.22.0
    httpagentparser==1.8.2
    httplib2==0.13.1
    humanfriendly==4.18
    iampoliciesgonewild==1.0.6.2
    idna==2.8
    isodate==0.6.0
    jaraco.functools==2.0
    jmespath==0.9.4
    knack==0.6.3
    more-itertools==7.2.0
    msrest==0.6.9
    msrestazure==0.6.1
    netaddr==0.7.19
    oauth2client==4.1.3
    oauthlib==3.1.0
    paramiko==2.6.0
    portalocker==1.5.1
    portend==2.5
    protobuf==3.9.1
    pyasn1==0.4.6
    pyasn1-modules==0.2.6
    pycparser==2.19
    Pygments==2.4.2
    PyJWT==1.7.1
    PyNaCl==1.3.0
    pyOpenSSL==19.0.0
    python-dateutil==2.8.0
    pytz==2019.2
    PyYAML==5.1.2
    requests==2.22.0
    requests-oauthlib==1.2.0
    rsa==4.0
    s3transfer==0.2.1
    six==1.12.0
    sqlitedict==1.6.0
    tabulate==0.8.3
    tempora==1.14.1
    uritemplate==3.0.0
    urllib3==1.25.3
    zc.lockfile==2.0
    
    $ python scout.py --version
    Scout Suite 5.2.0
    
    $ aws --version
    aws-cli/1.16.102 Python/2.7.16 Linux/4.14.123-111.109.amzn2.x86_64 botocore/1.12.92
    
    $python --version
    Python 3.7.3
    
    

    However , it works when temporary credentials are updated in the credentials profile for the same assumed role. Seems little weird on why it acts this way.

    bug component-provider-aws potential 
    opened by rams3sh 26
  • Enhancement/Update AWS CIS Benchmark to 1.2.0

    Enhancement/Update AWS CIS Benchmark to 1.2.0

    Changes:

    • Creates the new AWS CIS 1.2.0 json ruleset, the required new findings and updates the findings to the new output format
      • Including 23 new rules
    • Adds support for AWS CloudWatch Metric Filters
    • Adds support for AWS Peering Connections
    • Adds support for AWS Flow Logs (Subnet & VPC)

    This PR is for issue #434

    Phases:

    • [x] Create all the new AWS CIS 1.2.0 IAM rules and update the format of the old ones
    • [x] Create all the new AWS CIS 1.2.0 Logging rules and update the format of the old ones
    • [x] Create all the new AWS CIS 1.2.0 Monitoring rules and update the format of the old ones
    • [x] Create all the new AWS CIS 1.2.0 Networking rules and update the format of the old ones

    TODOs for @j4v:

    • [x] Complete finding 1.14 of the cis-1-2-0.json ruleset This finding is already created in the rule iam-root-account-no-hardware-mfa.json. The resource iam/credentialreports.py is already set to fetch the VirtualMfaDevices and parse it. The parsing of the returned data should get the serial-number of the mfa device and also a boolean containing whether the MFA device is hardware based or not. To check if a MFA device is hardware or virtual, the serial-number should be checked. If the serial-number contains "arn", then the device is virtaul. Otherwise, the device is hardware. Once done, issue #681 can be closed.
    • [x] Ensure there aren't any duplicate findings in pub/prop
      • [x] Compare EC2 SG findings as there might be duplicates
    • [x] Ensure new findings are added to default ruleset (+prop) where appropriate
    • [x] Ensure new findings are added to detailed ruleset where appropriate
      • [x] Review the arguments used in the detailed ruleset There are some findings that may have inappropriate arguments. For example, the iam-password-policy-minimum-length finding has the minimum length argument set to 8 when the CIS recommendation is 14.
    • [x] Review peering connection implementation/partial
    • [x] Review hidden flow logs implementation/partial
    • [x] Fix findings 3.1 to 3.14 of cis-1-2-0.json ruleset not returning an empty list when clicked. Further information of this issue can be found here: https://github.com/nccgroup/ScoutSuite/pull/679#issuecomment-633639978
    enhancement component-provider-aws 
    opened by prisas 23
  • Human Readable CSV Findings Export

    Human Readable CSV Findings Export

    Hi,

    Although various export are available and the html/js report offers an impressive user experience, a lack of easy to use, human readable csv export of scout2 findings is perhaps the one thing that keeps it from being, hands down, the best aws audit tool.

    I may be missing something, even though i've spent many hours on the issue throwing myself at the export wiki entry. Or perhaps it was never the intention to make scout2 easy to use for mere mortals.

    Regardless, i'd love to walk out of this experience a bit wiser. Enlighten me, would you kindly :) -A.G.

    enhancement component-core 
    opened by saryx123 23
  • Azure Error: MissingApiVersionParameter  (securitycenter.py)

    Azure Error: MissingApiVersionParameter (securitycenter.py)

    Describe the bug

    Steps:

    • downloaded the package using pip (or master branch on git)
    • follow the basic steps to start the audit (using account browser since I have MFA)
    • Get this error and scout is just stuck:

    ERROR securitycenter.py L86: Failed to retrieve compliance results: Azure Error: MissingApiVersionParameter Message: The api-version query parameter (?api-version=) is required for all requests.

    To Reproduce

    Please provide:

    • python3 scout.py azure --user-account-browser --tenant xxx-yyy-zzzz

    Additional context

    Same behaviour using git version or pip version

    bug potential 
    opened by ab-smith 22
  • release/5.8.0

    release/5.8.0

    Changes:

    • Improved support for AWS
      • Added support for KMS
      • Added basic support for Secrets Manager
      • Simplified evaluation of IAM policies in multiple rules
    • Improved support for Azure
      • Added support for App Service Web Apps
      • Added support for Security Center Compliance Results
      • Added support for Security Center Regulatory Compliance Results
    • Improved support for GCP
      • Improved partials and finding rationales
      • Scans should complete much faster
    • Improved support for OCI
      • Improved error handing
      • Support for scanning arbitrary compartments
    • Improved Open Source project's processes
      • Issue and PR templates
      • CI/CD deployment, with the addition of autopep8
    • Added a --list-services option to list available services to scan
    • A bunch of bug fixes
    enhancement release 
    opened by x4v13r64 21
  • Receiving bucket list gives AccessError even though it works with aws_cli

    Receiving bucket list gives AccessError even though it works with aws_cli

    I'm using,

    macOS 10.14.5 Python 3.7.3

    with ScoutSuite installed via pip3: $ pip3 freeze | grep -i scout ScoutSuite==5.0.post3

    and I tried as well the latest git checkout: $ git rev-parse HEAD 5a498fbd9fc558d63409123ab5aba19ad4e5097d

    What did you do?

    When I call:

    $ aws s3 ls --profile security
    Enter MFA code for arn:aws:iam::xxxx:mfa/username:
    2018-04-12 16:20:13 foo
    2018-04-20 14:43:42 bar
    [...]
    

    I can see all s3 buckets, but when I try fetch the buckets via Scout I end up with the following error:

    $ python3 scout.py aws --profile security --services s3 --no-browser
    2019-05-21 16:42:21 PinkRobin.localdomain scout[33071] INFO Launching Scout
    2019-05-21 16:42:21 PinkRobin.localdomain scout[33071] INFO Authenticating to cloud provider
    Enter MFA code for arn:aws:iam::xxxxx:mfa/username:
    2019-05-21 16:42:29 PinkRobin.localdomain scout[33071] INFO Gathering data from APIs
    2019-05-21 16:42:29 PinkRobin.localdomain scout[33071] INFO Fetching resources for the S3 service
    2019-05-21 16:42:30 PinkRobin.localdomain scout[33071] ERROR s3.py L15: Failed to list buckets: An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
    2019-05-21 16:42:30 PinkRobin.localdomain scout[33071] INFO Running rule engine
    2019-05-21 16:42:30 PinkRobin.localdomain scout[33071] INFO Applying display filters
    2019-05-21 16:42:30 PinkRobin.localdomain scout[33071] INFO Saving data to scoutsuite-report/scoutsuite-results/scoutsuite_results_aws-security.js
    2019-05-21 16:42:30 PinkRobin.localdomain scout[33071] INFO Saving data to scoutsuite-report/scoutsuite-results/scoutsuite_exceptions_aws-security.js
    2019-05-21 16:42:30 PinkRobin.localdomain scout[33071] INFO Saving data to scoutsuite-report/scoutsuite-results/scoutsuite_errors_aws-security.json
    2019-05-21 16:42:30 PinkRobin.localdomain scout[33071] INFO Creating scoutsuite-report/aws-security.html
    

    What did you expect to see?

    A generated report which includes the buckets.

    What did you see instead?

    AccessDenied error.

    Some things I tried:

    I followed from #28 to https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html and created my config and credentials how it is mentioned on that webpage without any success.

    I also tried to add the role into my [default] configuration, that didn't work either.

    Thoughts

    I think it is not using the profile/role correctly. When I run scout fully I get error messages that look like this:

    2019-05-21 16:57:11 PinkRobin.localdomain scout[33314] ERROR cloudtrail.py L13: Failed to describe CloutTrail trail: An error occurred (AccessDeniedException) when calling the DescribeTrails operation: User: arn:aws:iam::ACCOUNTID:user/ACCOUNT is not authorized to perform: cloudtrail:DescribeTrails
    

    Those show that it is using the account instead of my role.

    bug potential 
    opened by hashier 17
  • Exceeding GCP Service Usage API Quota

    Exceeding GCP Service Usage API Quota

    I am running into an issue where I am exceeding the service account quota limits for the Service Usage API. I get the following error in my logs.

    2020-07-21 03:02:16 a3f49ed43909 scout[1] ERROR services.py L55: Could not fetch iam configuration: <HttpError 500 when requesting https://serviceusage.googleapis.com/v1/projects/<removed>/services?alt=json returned "Quota exceeded for quota metric 'Requests' and limit 'Requests per minute' of service 'servicemanagement.googleapis.com' for consumer 'project_number:<removed>.". Details: "[{'@type': 'type.googleapis.com/google.rpc.Help', 'links': [{'description': 'Google developer console API key', 'url': 'https://console.developers.google.com/project/<removed>/apiui/credential'}]}]">
    

    It looks like good only allows 240 requests per minute. I have submitted a ticket with google to increase the limit but I haven't gotten a response back. I tried rate limiting the requests with "--max-rate 1 --max-workers 3", but I am still seeing issues.

    Has anyone seen this issue or have recommendations to limit the rate that scoutsuite queries the GCP api?

    Parameters when calling scoutsuite gcp --service-account /opt/creds/gcp.json --organization-id XXXXXXXXXX --all-projects --max-rate 1 --max-workers 3

    bug component-provider-gcp 
    opened by kareem-DA 16
  • Error when running ScoutSuite

    Error when running ScoutSuite

    trying to run scoutsuite on an azure environment, getting the following error:

    main.py L212: Initialization failure: cannot import name 'ARMChallengeAuthenticationPolicy' from 'azure.mgmt.core.policies' (/home/assaf/.local/lib/python3.8/site-packages/azure/mgmt/core/policies/init.py)

    the environment is ubuntu LTS 20.04.3 python3.9 --version Python 3.9.16

    bug potential 
    opened by BachateroJ 0
  • Container Support AWS

    Container Support AWS

    Is your feature request related to a problem? Please describe.

    When running scoutsuite for aws, the report shows a containers tab. However no information ever populates it, even in accounts using ECS, EKS and ECR.

    Describe the solution you'd like

    To have security rules ran against those services.

    Describe alternatives you've considered

    N/A

    Additional context

    N/A

    enhancement 
    opened by johnkoehn 0
  • Minimal AWS IAM policy missing actions

    Minimal AWS IAM policy missing actions

    Describe the bug

    In the wiki page here: https://github.com/nccgroup/ScoutSuite/wiki/AWS-Minimal-Privileges-Policy

    The missing actions are:

    "cloudfront:ListDistributions",
    "codebuild:ListProjects",
    "secretsmanager:GetResourcePolicy",
    

    To Reproduce

    Please provide:

    Set up the policy in AWS per the wiki and run the tool. It should error out with warnings about missing policy actions.

    bug potential 
    opened by chrisgilmerproj 0
  • Add a new common CLI flag to allow custom rules folders

    Add a new common CLI flag to allow custom rules folders

    Description

    This change allows to use a new CLI argument wich wake up an existing pre-coded feature to allow a user to specify multiple custom rules folders.

    Type of change

    Select the relevant option(s):

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [x] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    • [X] This change requires a documentation update

    Checklist:

    • [x] My code follows the style guidelines of this project
    • [x] I have performed a self-review of my own code
    • [x] I have commented my code, particularly in hard-to-understand areas
    • [x] My changes generate no new warnings
    • [ ] I have added tests that prove my fix is effective or that my feature works (optional)
    • [ ] New and existing unit tests pass locally with my changes
    opened by gillg 0
  • Load Balancer Allowing Clear Text (HTTP) Communication

    Load Balancer Allowing Clear Text (HTTP) Communication

    The report is noticing a HTTP vulnerability for ALB's, even though the Load Balancer makes HTTP redirection to HTTPS. There isn't more information in the report more than the Load Balancer's information, listeners, attributes and sgs.

    image

    Is this a bug?

    bug potential 
    opened by juanbermudez-higg 2
  • not all resources are being listed in azure especially vms

    not all resources are being listed in azure especially vms

    i have run the command several ways on several machines and always the same result

    main summary says 14 vms but when you go to the instance count its only showing 3 from 1 resource group

    i have even tried to put the specific subscription in says its only running against the specific named id and it still only shows from different and main

    bug potential 
    opened by frankscalzo 0
Releases(5.12.0)
  • 5.12.0(Sep 5, 2022)

    ScoutSuite 5.12.0

    Changes:

    • Core
      • Updated dependencies
      • Updated cli parser
    • AWS
      • Multiple bug fixes and minor improvements
      • Updated IP ranges
      • Updated rules for CloudFront
      • Updated rules for EC2
      • Updated rules for ELB
      • Updated rules for IAM
      • Updated rule for S3
      • Updated rule for SQS
      • Updated error logging and exception handling
      • Improved secrets detection rules
      • Added a new command flag that allows to run Scout on CN regions
    • Azure
      • Upgraded authentication strategies to use latest Azure SDK packages
      • Multiple bug fixes and minor improvements
      • Added new rules for Azure AD
      • Added and updated rules for Azure Storage Account
      • Added and updated rules for Networking
      • Updated rule for Virtual Machines
      • Added new rules for RBAC
      • Added and updated rules for Azure SQL Databases, MySQL and PostgreSQL
      • Added new rules for Logging and Monitoring
      • Added and updated rules for Azure Security Center (now Defender for Cloud)
      • Added and updated rules for AppService
      • Added new rule for KeyVault
      • Updated multiple finding templates
    • GCP
      • Multiple bug fixes and minor improvements
      • Added new rules for GKE
      • Added and updated rules for CloudSQL
      • Added new rules for BigQuery
      • Added new rules for Functions
      • Added new rule for CloudStorage
      • Updated rule for MemoryStore
      • Updated multiple finding templates
      • Updated UI
    • Docker
      • Fixed error in docker_compose.yaml

    Thanks to all contributors in this release:

    @xnkevinnguyen @x4v13r64 @SophieDorval @rscottbailey @yash-seclogic @charlietran @tkmru @Anthirian

    Source code(tar.gz)
    Source code(zip)
  • 5.12.0-rc1(Jul 15, 2022)

    Changes:

    • Upgrade third-party dependencies
    • New templates, rulesets
    • Authentication MSAL
    • Refactorization and improvement of the components for AWS, GCP and Azure

    Thanks to all contributors in this release:

    Source code(tar.gz)
    Source code(zip)
  • 5.11.0(Mar 10, 2022)

    Changes:

    • Core
      • Fixed the --update functionality
      • Added epilog to the help menu
      • Improved unit test coverage
      • Updated dependencies for Azure and GCP
    • AWS
      • Added ARNs for a all resources
      • Added support for CloudFront distribution lists, as well as 3 new findings
      • Added support for CodeBuild
      • Added a finding for SQS queue encryption
      • Added a finding for IAM Lightspin vulnerability
      • Added a finding for RDS instance public access
      • Improved fetching and report for AWS resources
      • Bug fixes
      • Update botocore version
      • Fixed XSS issue in report (Thanks to Liyun Li for reporting it!)
    • Azure
      • Added 3 findings for VM disks
      • Improved report and findings' guidance for Azure resources
      • Bug fixes
    • GCP
      • Created a ruleset for GCP CIS version 1.1 (https://www.cisecurity.org/benchmark/google_cloud_computing_platform/)
      • Can be run with the --ruleset cis-1.1.0.json parameter
      • Added support for a number of resources
      • Included the addition of 46 new rules, most of which were added to the default ruleset
        • Cloud SQL: 11 new findings
        • Cloud Storage: 1 new finding
        • Compute Engine: 11 new findings
        • Cloud DNS: 3 new findings
        • IAM: 2 new findings
        • KMS: 2 new findings
        • Cloud Logging: 8 new findings
        • Cloud Monitoring: 8 new findings
      • Added support for Cloud Memorystore, as well as 2 new findings
      • Added 1 finding for VPC flow logs
      • Improved fetching, report and findings' guidance for GCP resources
      • Bug fixes
    • Docker
      • Updated tooling to current versions
      • Pulling in the current version of ScoutSuite

    Thanks to all contributors in this release:

    • x4v13r64
    • liyun-li
    • timretout
    • yangsec888
    • ericrichtert
    • 4ndygu
    • rossja
    • lowSoA
    • bigdavros
    • json-ncc
    • chris-codaio
    • SophieDorval
    • xnkevinnguyen
    • rogeriobastos
    • lm-t
    • sushantmimani
    • rgpncc
    • cr-latacora
    Source code(tar.gz)
    Source code(zip)
  • 5.10.2(Dec 8, 2020)

  • 5.10.1(Oct 24, 2020)

    Changes:

    • Fix report CSV exports
    • Fix evaluation of AWS CloudWatch filters
    • Fix an AWS IAM rule which included FPs
    • Fix issues with docker support
    • Fix typos in rules
    • Improved default region selection for AWS S3, handling regions disallowed via SCP/IAM policies automatically
    • Improved support for AWS CloudTrail
    • Improved GCP error handling
    • Remove an outdated and unused version of jQuery
    Source code(tar.gz)
    Source code(zip)
  • 5.10.0(Oct 1, 2020)

    Changes:

    • Core
      • Moved unit tests from nose to pytest & improved unit test coverage
      • Migrated formatting from the 2.7+ versions to more native 3.x styles
      • Bug fixes and improved error handling
    • AWS
      • Created a ruleset for AWS CIS version 1.2 (https://www.cisecurity.org/benchmark/amazon_web_services/)
        • Can be run with the --ruleset cis-1.2.0.json parameter
        • This included the addition of 23 new rules, most of which where added to the default ruleset
      • Added support for
        • CloudWatch Metric Filters
        • DynamoDB
        • VPC Peering Connections & Flow Logs (Subnet & VPC)
      • Improved the report and processing for AWS resources
    • Azure
      • Improved support for App Services web apps, including 5 new rules
      • Improved NSG implementation, decreasing the report size by multiple orders of magnitude
      • Added Azure Tags and Resource Groups to all resources
    • GCP
      • Added support for GKE, including 19 new rules
      • Improved reporting for Compute Engine instances, networks, subnetworks and firewall rules
      • Implemented exponential backoff to handle API quotas

    Breaking change: support for Python 3.5 has been removed.

    Source code(tar.gz)
    Source code(zip)
  • 5.9.1(Jul 28, 2020)

    This release is a hotfix for https://github.com/nccgroup/ScoutSuite/issues/821.

    In addition, it improves exception handling for the main _run function, as well as for the Azure provider.

    The new error codes can be found under https://github.com/nccgroup/ScoutSuite/wiki/Error-Codes.

    Source code(tar.gz)
    Source code(zip)
  • 5.9.0(Jul 2, 2020)

    Changes:

    • Improved provider support:
      • AWS
        • Added 4 new ELB & ELBv2 findings (thanks to @goelaarushi04)
        • Added support for the "Amazon S3 Block Public Access" feature
        • Improved Lambda partial
        • Added support for RDS Aurora instances
      • Azure
        • Improved the authentication flow, and handling of subscriptions
      • GCP
        • Added support for Stackdriver Monitoring
        • Improved report content
        • Merged IAM & Resource Manager services
        • Added logic that validates if an API is enabled for a service & project prior to making additional API calls
    • Updated the rule format, to allow remediation & compliance information, as well as external references
      • Added rationales for most rules
      • Improved rules' content, adding remediation and references for a number of rules
      • Added the class_suffix field to highlight multiple elements
      • Additional information in https://github.com/nccgroup/ScoutSuite/wiki/HowTo:-Create-a-new-rule
    • Added an option in the report (top-right menu) to export a high level finding summary
    • Added a tool/util to upload findings to AWS Security Hub (see https://github.com/nccgroup/ScoutSuite/tree/develop/tools#aws_security_hub_exportpy)
    • Improved open source project public content
    • Bug fixes
    Source code(tar.gz)
    Source code(zip)
  • 5.8.1(Apr 2, 2020)

  • 5.8.0(Mar 23, 2020)

    Changes:

    • Improved support for AWS
      • Added support for KMS
      • Added basic support for Secrets Manager
      • Simplified evaluation of IAM policies in multiple rules
    • Improved support for Azure
      • Added support for App Service Web Apps
      • Added support for Security Center Compliance Results
      • Added support for Security Center Regulatory Compliance Results
    • Improved support for GCP
      • Improved partials and finding rationales
      • Scans should complete much faster
    • Improved support for OCI
      • Improved error handing
      • Support for scanning arbitrary compartments
    • Improved Open Source project's processes
      • Issue and PR templates
      • CI/CD deployment, with the addition of autopep8
    • Added a --list-services option to list available services to scan
    • A bunch of bug fixes
    Source code(tar.gz)
    Source code(zip)
  • 5.7.0(Feb 2, 2020)

    Changes:

    • Azure
      • Adds support for scanning multiple subscriptions or a whole tenant in one go (see https://github.com/nccgroup/ScoutSuite/wiki/Azure#subscriptions)
      • Adds a new authentication method (--user-account-browser), which allows authenticating with a user with MFA enabled, without the need for azure-cli (see https://github.com/nccgroup/ScoutSuite/wiki/Azure#user-credentials-via-browser)
    • AWS
      • Tweak support for executing in Lambda
      • Adds tags for RDS resources
    • Core
      • Improves test coverage

    Warning this implements backward-incompatible changes to:

    • Azure CLI options
    • Azure partials
    Source code(tar.gz)
    Source code(zip)
  • 5.6.0(Jan 10, 2020)

  • 5.5.0(Nov 21, 2019)

    Changes:

    • Improvements to the AWS & Azure reports
    • Improvements to Azure Networks and Virtual Machines services' support
    • Improvements to GCP Cloud Storage support
    • Improved Azure rules
    • New rules for AWS & Azure
    • Added support for Aliyun OSS
    • Improved test coverage
    • Bug fixes
    Source code(tar.gz)
    Source code(zip)
  • 5.4.0(Sep 23, 2019)

  • 5.3.3(Aug 21, 2019)

  • 5.3.2(Aug 20, 2019)

  • 5.3.1(Aug 20, 2019)

  • 5.3.0(Aug 20, 2019)

    Changes:

    • Added alpha support for Alibaba Cloud (Aliyun) and Oracle Cloud Infrastructure (OCI)
    • Improved AWS & Azure support, including new services and findings
    • Added the --exclude-regions parameter for AWS
      • This can be used to exclude optional regions, e.g. by passing --exclude-regions ap-east-1 me-south-1.
    • Added support for AWS authentication with access keys (https://github.com/nccgroup/ScoutSuite/wiki/Amazon-Web-Services#cli-parameters)
    • Added support to handle AWS rate limiting (through exponential backoff) as well as a configurable rate limiting parameter --max-rate)
    • Improved finding rationales'
    • Improved error handling
    • Bug fixes
    Source code(tar.gz)
    Source code(zip)
  • 5.2.0(Jun 26, 2019)

    Changes:

    • Adds GCP and Azure CIS benchmark rulesets
    • Renames AWS CIS ruleset to cis-1.0.0.json
    • Adds a number of GCP findings
    • Improves the implementation of Azure's authentication strategy
    • Updates to finding rationales and descriptions for all providers
    • Updates to default rulesets for all providers
    • Improves the UI
    • Bug fixes, improved error handling
    Source code(tar.gz)
    Source code(zip)
  • 5.1.0(May 22, 2019)

    Changes:

    • Update styling to NCC's standards
    • Changes to the CLI
      • Removes the --vpc and --resume CLI arguments as they aren't implemented
        • --resume will be worked on in https://github.com/nccgroup/ScoutSuite/issues/88
      • Adds the following options:
        • --quiet flag to suppress CLI output
        • --logfile param to specify an additional file path to store output (supports --debug flag)
    • Update the "Execution Details" section to be more generic and work with programatic executions.
    • Updates to rulesets and findings
    • Bug fixes
    Source code(tar.gz)
    Source code(zip)
  • 5.0.post3(May 4, 2019)

  • 5.0.0-beta2(Apr 29, 2019)

    Breaking changes:

    • Renamed Scout.py to scout.py

    Changes:

    • Refactored the GCP provider to the new architecture
    • Added support for the AWS Config service
    • Restored AWS resources removed in `5.0.0-beta1
    • Added the --report-name CLI option
    • Tweaked to automatic report naming
    • Improved the client-server implementation (see https://github.com/nccgroup/ScoutSuite/wiki/Server)
    • Fixed bugs
    • Improved the UI/UX
    Source code(tar.gz)
    Source code(zip)
  • 5.0.0-beta(Apr 4, 2019)

    • Python 2.7 and 3.4 have been deprecated
    • The whole resources fetching architecture was refactored (see the documentation for more details) and AWS and Azure were migrated to that new architecture
    • A new flag was added (--max-workers) which allows specifying the exact number of workers (threads) Scout will use. This will replace --thread-config, which is less verbose. The new flag can be used with Azure and AWS only as GCP has not yet been refactored.
    • Performance was improved
    • The logging system was refactored
    • A Resources summary page was added (available through the top-right menu)
    • UI improvements were made
    • Bugs were fixed
    • Some (AWS) resources that were not used for findings or surface attack analysis have been removed
      • EC2: customer_gateways, vpn_gateways, vpn_connections, route_tables, peering_connections
      • Route53: hosted_zones
      • SNS: subscriptions (already included in topics)
      • ELBv2: ssl_policies
      • ELB: elb_policies
    Source code(tar.gz)
    Source code(zip)
  • 4.3.0(Mar 10, 2019)

    • Opinel was removed as a dependency and integrated directly to the codebase.
    • A with the menu highlighting was fixed
    • Most of the warning were addressed
    • Support for AWS was improved
    • The default profile name for AWS was changed from 'default' to None. This will have an impact on the report files names.

    Please note that python 2.x and 3.4 will soon be deprecated.

    To learn more about why we are deprecating those versions of Python, see this thread: #183 .

    Source code(tar.gz)
    Source code(zip)
  • 4.2.post5(Feb 20, 2019)

  • 4.2.0(Feb 19, 2019)

    • Azure support has been improved but is still considered alpha
    • The --provider flag is now optional. If you do still explicitly specify it, it must be the first flag.
    • Implemented new findings
    • UI fixes and improvements
    Source code(tar.gz)
    Source code(zip)
Owner
NCC Group Plc
Please report all security issues to security at nccgroup dot com
NCC Group Plc
๐ŸŽป Modularized exploit generation framework

Modularized exploit generation framework for x86_64 binaries Overview This project is still at early stage of development, so you might want to come b

แด€แด‡๊œฑแดแด˜สœแดส€ 30 Jan 17, 2022
macOS persistence tool

PoisonApple Command-line tool to perform various persistence mechanism techniques on macOS. This tool was designed to be used by threat hunters for cy

Cyborg Security, Inc 212 Dec 29, 2022
Obfuscate your python code into a string of integers. De-obfuscate also supported.

int-obfuscator Obfuscate your python code into a string of integers. De-obfuscate also supported. How it works: Each printable character gets replaced

6 Nov 13, 2022
CloudFlare reconnaissance, tries to uncover the IP behind CF.

CloudFlare reconnaissance, tries to uncover the IP behind CF.

Neospace 8 Dec 03, 2021
The RDT protocol (RDT3.0,GBN,SR) implementation and performance evaluation code using socket

์†Œ์ผ“์„ ์ด์šฉํ•œ RDT protocols (RDT3.0,GBN,SR) ๊ตฌํ˜„ ๋ฐ ์„ฑ๋Šฅ ํ‰๊ฐ€ ์ฝ”๋“œ ์ž…๋‹ˆ๋‹ค. ์ฝ”๋“œ๋ฅผ ์‹คํ–‰ํ• ๋•Œ ๋ฆฌ์‹œ๋ฒ„๋ฅผ ๋จผ์ € ์‹คํ–‰ํ•˜์„ธ์š”. ์„ฑ๋Šฅ ํ‰๊ฐ€ ์ฝ”๋“œ๋Š” ํŒจํ‚ท ์ „์†ก ๊ณผ์ •์„ ์ œ์™ธํ•˜๊ณ  ์‹œ๊ฐ„๋‹น ์ „์†ก๋ฅ ์„ ์ถœ๋ ฅํ•ฉ๋‹ˆ๋‹ค. RDT3.0 GBN SR(๋ฒ„๊ทธ ๋ฐœ๊ฒฌ์œผ๋กœ ๊ตฌํ˜„์ค‘ ์ž…๋‹ˆ

kimtaeyong98 0 Dec 20, 2021
Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Big-Papa is a remote cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication

77 Jan 03, 2023
Log4j rce test environment and poc

log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione

Leon Jacobs 307 Dec 24, 2022
Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

Yuyu Scanner Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets. installation ! run as root

Justakazh 20 Nov 24, 2022
CVE-2021-26855: PoC (Not a HoneyPoC for once!)

Exch-CVE-2021-26855 ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker b

ZephrFish 24 Nov 14, 2022
Data Recovery from your broken Android phone

Broken Phone Recovery a guide how to backup data from your locked android phone if you broke your screen (and more) you can skip some steps depending

v1nc 25 Sep 23, 2022
KeyKatcher is a keylogger that records keystrokes made on a computer and sends to the E-Mail.

What is a keylogger? A keylogger is a software application or piece of hardware that monitors and records keystrokes made on a computer keyboard. The

Himank_Jain 7 Sep 19, 2022
A simple Outline Server Access Key Copy and Paste Web Interface

Outline Keychain A simple Outline Server Access Key Copy and Paste Web Interface Developed for key and password export and copy & paste for other Shad

Zhe 1 Dec 28, 2021
Backdoor is a term that refers to the access of the software or hardware of a computer system without being detected.

This program is an non-object oriented opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-

35 Apr 17, 2022
Bandit is a tool designed to find common security issues in Python code.

A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba

Python Code Quality Authority 4.8k Dec 31, 2022
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Marcel 5 Nov 17, 2022
BloodyAD is an Active Directory Privilege Escalation Framework

BloodyAD Framework BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combi

757 Jan 07, 2023
neo Tool is great one in binary exploitation topic

neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it

Hamza Elansari 4 Oct 10, 2022
OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Marco Simioni 13 Jul 13, 2022
Make files with as many random bytes as you want

Lots o' Bytes ๐Ÿ”ฃ Make files with as many random bytes as you want! Use case Can be used to package malware that is normally small by making the downlo

Addi 1 Jan 13, 2022
Internationalized Domain Names for Python (IDNA 2008 and UTS #46)

Internationalized Domain Names in Applications (IDNA) Support for the Internationalised Domain Names in Applications (IDNA) protocol as specified in R

Kim Davies 204 Dec 13, 2022