Visius Heimdall is a tool that checks for risks on your cloud infrastructure

Last update: Jun 20, 2022

Overview

Heimdall Cloud Checker 🇧🇷

About

Visius is a Brazilian cybersecurity startup that follows the signs of the crimson thunder ;) 🎸 !

As we value open source initiatives a lot, we've decided to open Heimdall for everyone to see and help us to secure our digital life.

"Be warned, I will honor my sworn oath to protect this realm as its gatekeeper. If your return threatens the safety of Asgard, Bifrost will remain closed and you will be left to die on the cold waste of Jotunheim."

Heimdall is a tool to check risks on your AWS.

Running

Prerequisites:

Python3
Poetry
Make

On Linux

Download this project, extract it to a folder and navigate to it.

git clone https://github.com/visius-io/visius.heimdall.git
make setup/dev
make start

# Format files before commit
make format/run

Screenshots

Options

none : check everything
-h | --help : Show help
-c | --crypto : Checks if Encryption is enabled
-i | --credentials : Checks for password policy and users MFA
-e | --exposed : Checks for exposed items
-l | --logs : Checks for active Logs

Screenshots

To do

Add support to Azure
Add support to GCP
Any other cool stuff

Sponsor

The very first Viking Startup

Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE)

Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE) CVE: CVE-2022-22947 CVSS: 10.0 (Vmware - https://tanzu.vmware.com/security/cve-2022-22947)

35 Dec 28, 2022

spring-cloud-gateway-rce CVE-2022-22947

Spring Cloud Gateway Actuator API SpEL表达式注入命令执行（CVE-2022-22947） 1.installation pip3 install -r requirements.txt 2.Usage $ python3 spring-cloud-gateway

10 Sep 28, 2022

We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

19 Nov 18, 2022

Generate your own NFTs and their metadata based on your desired probabilities.

Generate your own NFTs and their metadata based on your desired probabilities. Use your own art assets too! Perfect for use with Candy Machine.

7 Sep 16, 2022

PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

3 Nov 8, 2022

This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

2 Oct 5, 2022

Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions

dns-mf-hazard Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions How to use it? Installation You need python

2 Jan 1, 2022

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Thank You For Using NIVOS : [NIVOS Created By NIVO Team]

263 Jan 1, 2023

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

331 Jan 1, 2023

Comments

Add Poetry and shining tools

Hello! Thanks for this project!

I'm just adding some basic python tools like Poetry to run and format files at this project following PEP8 guidelines.

opened by lays147 1
Add support to Azure cloud

Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like A clear and concise description of what you want to happen.

Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.

Additional context Add any other context or screenshots about the feature request here.

opened by murksombra 0

Releases(1.0)

1.0(Jul 14, 2021)
The very first release of our OSS. Currently checking:

MFA users

Encrypted (S3, RDS and CloudTrail)

VPC logging

Exposed (RDS, S3, KMS and EBS)

Password Policy requirements

Source code(tar.gz)
Source code(zip)

Visius Heimdall is a tool that checks for risks on your cloud infrastructure

Related tags

Overview

Heimdall Cloud Checker 🇧🇷

About

Running

On Linux

Screenshots

Options

Screenshots

To do

Sponsor

You might also like...

Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE)

spring-cloud-gateway-rce CVE-2022-22947

We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. 🕵️

Generate your own NFTs and their metadata based on your desired probabilities.

PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

This tool help you to check if your Windows machine has hidden miner.

Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭

Comments

Add Poetry and shining tools

Add support to Azure cloud

Releases(1.0)

1.0(Jul 14, 2021)

Owner

visius

A fast tool to scan prototype pollution vulnerability

A simple automatic tool for finding vulnerable log4j hosts

proof-of-concept running docker container from omero web

A passive-recon tool that parses through found assets and interacts with the Hackerone API

A tool used to obfuscate python scripts, bind obfuscated scripts to fixed machine or expire obfuscated scripts.

Password List Creator Simple !

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

A quick script to spot the usage of Unicode Bidi (bidirectional) characters that could lead to an Invisible Backdoor

Python script to tamper with pages to test for Log4J Shell vulnerability.

KeyKatcher is a keylogger that records keystrokes made on a computer and sends to the E-Mail.

Lite version of my Gatekeeper backdoor for public use.

Python APK Reverser & Patcher Tool

A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals.

Repository for a project of the course EP2520 Building Networked Systems Security

Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python.

CVE-2021-26855: PoC (Not a HoneyPoC for once!)

Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. (Released due to exposure)

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.

A Telegram Bot to force users to join a specific channel before sending messages in a group.

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.