Visius Heimdall is a tool that checks for risks on your cloud infrastructure

Related tags

Security related resourcesawscryptographycloudprivacyaws-lambdaaws-s3cybersecurityboto3heimdallvisius
Overview

Heimdall Cloud Checker ๐Ÿ‡ง๐Ÿ‡ท

Visius Heimdall Logo

About

Visius is a Brazilian cybersecurity startup that follows the signs of the crimson thunder ;) ๐ŸŽธ !

As we value open source initiatives a lot, we've decided to open Heimdall for everyone to see and help us to secure our digital life.

"Be warned, I will honor my sworn oath to protect this realm as its gatekeeper. If your return threatens the safety of Asgard, Bifrost will remain closed and you will be left to die on the cold waste of Jotunheim."

Heimdall is a tool to check risks on your AWS.

Running

Prerequisites:

  • Python3
  • Poetry
  • Make

On Linux

Download this project, extract it to a folder and navigate to it.

git clone https://github.com/visius-io/visius.heimdall.git
make setup/dev
make start

# Format files before commit
make format/run

Screenshots

1

2

3

4

Options

  • none : check everything
  • -h | --help : Show help
  • -c | --crypto : Checks if Encryption is enabled
  • -i | --credentials : Checks for password policy and users MFA
  • -e | --exposed : Checks for exposed items
  • -l | --logs : Checks for active Logs

Screenshots

To do

  • Add support to Azure
  • Add support to GCP
  • Any other cool stuff

Sponsor

The very first Viking Startup

You might also like...
Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE)

Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE) CVE: CVE-2022-22947 CVSS: 10.0 (Vmware - https://tanzu.vmware.com/security/cve-2022-22947)

Carlos Vieira 35 Dec 28, 2022
spring-cloud-gateway-rce CVE-2022-22947
spring-cloud-gateway-rce CVE-2022-22947

Spring Cloud Gateway Actuator API SpEL่กจ่พพๅผๆณจๅ…ฅๅ‘ฝไปคๆ‰ง่กŒ๏ผˆCVE-2022-22947๏ผ‰ 1.installation pip3 install -r requirements.txt 2.Usage $ python3 spring-cloud-gateway

k3rwin 10 Sep 28, 2022
We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. ๐Ÿ•ต๏ธ

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

Ahmet Furkan DEMIR 19 Nov 18, 2022
Generate your own NFTs and their metadata based on your desired probabilities.

Generate your own NFTs and their metadata based on your desired probabilities. Use your own art assets too! Perfect for use with Candy Machine.

hex 7 Sep 16, 2022
PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

Divyanshu Kumar 3 Nov 8, 2022
This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

ะะธะบะพะปะฐะน ะ‘ะพั€ั‰ั‘ะฒ 2 Oct 5, 2022
Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions

dns-mf-hazard Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions How to use it? Installation You need python

Marek Wajdzik 2 Jan 1, 2022
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Thank You For Using NIVOS : [NIVOS Created By NIVO Team]

Error 263 Jan 1, 2023
All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. ๐ŸŽญ

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. ๐ŸŽญ

Cracker 331 Jan 1, 2023
Comments
  • Add Poetry and shining tools

    Add Poetry and shining tools

    Hello! Thanks for this project!

    I'm just adding some basic python tools like Poetry to run and format files at this project following PEP8 guidelines.

    opened by lays147 1
  • Add support to Azure cloud

    Add support to Azure cloud

    Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

    Describe the solution you'd like A clear and concise description of what you want to happen.

    Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.

    Additional context Add any other context or screenshots about the feature request here.

    opened by murksombra 0
Releases(1.0)

  • 1.0(Jul 14, 2021)

    The very first release of our OSS. Currently checking:

    • MFA users
    • Encrypted (S3, RDS and CloudTrail)
    • VPC logging
    • Exposed (RDS, S3, KMS and EBS)
    • Password Policy requirements
    Source code(tar.gz)
    Source code(zip)
Owner
visius
visius
GitHub Repository
A gui application used for network reconnaissance while pentesting

netrecon A gui application used for network reconnaissance while pentesting

Krisna Pranav 4 Sep 03, 2022
CVE-2021-41773 Path Traversal for Apache 2.4.49

CVE-2021-41773 Path Traversal for Apache 2.4.49

ac1d 3 Oct 20, 2021
A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck

Malware Configuration Extractor A Malware Configuration Extraction Tool and Modules for MalDuck This project is FREE as in FREE ๐Ÿบ , use it commercial

c3rb3ru5 103 Dec 18, 2022
Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration.

Just-Your-Basic-Port-Scanner Just your basic port scanner - with multiprocessing capabilities & further nmap enumeration. Use at your own discretion,

Edward Zhou 0 Nov 06, 2021
A terminal based web shell controller

shell-hack Tribute to Chinese ant sword๏ผ› A Powerful terminal based webshell controller๏ผ› Usage : Usage : python3 shell-hack.py --url [URL] --w

s1mple 10 Dec 28, 2021
GRR Rapid Response: remote live forensics for incident response

GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu

Google 4.3k Jan 05, 2023
๐™พ๐š™๐šŽ๐š— ๐š‚๐š˜๐šž๐š›๐šŒ๐šŽ ๐š‚๐šŒ๐š›๐š’๐š™๐š - ๐™ฝ๐š˜ ๐™ฒ๐š˜๐š™๐šข๐š›๐š’๐š๐š‘๐š - ๐šƒ๐šŽ๐šŠ๐š– ๐š†๐š˜๐š›๐š” - ๐š‚๐š’๐š–๐š™๐š•๐šŽ ๐™ฟ๐šข๐š๐š‘๐š˜๐š— ๐™ฟ๐š›๐š˜๐š“๐šŽ๐šŒ๐š - ๐™ฒ๐š›๐šŽ๐šŠ๐š๐šŽ๐š ๐™ฑ๐šข : ๐™ฐ๐š•๐š• ๐šƒ๐šŽ๐šŠ๐š– - ๐™ฒ๐š˜๐š™๐šข๐™ฟ๐šŠ๐šœ๐š ๐™ฒ๐šŠ๐š— ๐™ฝ๐š˜๐š ๐™ผ๐šŠ๐š”๐šŽ ๐šˆ๐š˜๐šž ๐š๐šŽ๐šŠ๐š• ๐™ฟ๐š›๐š˜๐š๐š›๐šŠ๐š–๐š–๐šŽ๐š›

๐™พ๐š™๐šŽ๐š— ๐š‚๐š˜๐šž๐š›๐šŒ๐šŽ ๐š‚๐šŒ๐š›๐š’๐š™๐š - ๐™ฝ๐š˜ ๐™ฒ๐š˜๐š™๐šข๐š›๐š’๐š๐š‘๐š - ๐šƒ๐šŽ๐šŠ๐š– ๐š†๐š˜๐š›๐š” - ๐š‚๐š’๐š–๐š™๐š•๐šŽ ๐™ฟ๐šข๐š๐š‘๐š˜๐š— ๐™ฟ๐š›๐š˜๐š“๐šŽ๐šŒ๐š - ๐™ฒ๐š›๐šŽ๐šŠ๐š๐šŽ๐š ๐™ฑ๐šข : ๐™ฐ๐š•๐š• ๐šƒ๐šŽ๐šŠ๐š– - ๐™ฒ๐š˜๐š™๐šข๐™ฟ๐šŠ๐šœ๐š ๐™ฒ๐šŠ๐š— ๐™ฝ๐š˜๐š ๐™ผ๐šŠ๐š”๐šŽ ๐šˆ๐š˜๐šž ๐š๐šŽ๐šŠ๐š• ๐™ฟ๐š›๐š˜๐š๐š›๐šŠ๐š–๐š–๐šŽ๐š›

CodeX-ID 2 Oct 27, 2022
Generates password lists/dictionaries based on keywords written in python3.

dicbyru Introduction Generates password lists/dictionaries based on keywords. It uses the keywords and adds capital letters, numbers and special chara

ru55o 2 Oct 31, 2022
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Pupy Installation Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to u

7.4k Jan 04, 2023
๐Ÿƒ Python Solutions of All Problems in FHC 2021 (In Progress)

FacebookHackerCup-2021 Python solutions of Facebook Hacker Cup 2021. Solution begins with * means it will get TLE in the largest data set (total compu

kamyu 14 Oct 15, 2022
A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence of a file

A script based on sqlmap that uses sql injection vulnerabilities to traverse the existence o

2 Nov 09, 2022
A web-app helping to create strong passwords that are easy to remember.

This is a simple Web-App that demonstrates a method of creating strong passwords that are still easy to remember. It also provides time estimates how long it would take an attacker to crack a passwor

2 Jun 04, 2021
ๅฏนnaabu็š„็ซฏๅฃๆ‰ซๆ็ป“ๆžœ๏ผŒ่ฐƒ็”จnmap่ฟ›่กŒๆŒ‡็บน่ฏ†ๅˆซ

naabu2nmap ๅฏนnaabu็š„็ซฏๅฃๆ‰ซๆ็ป“ๆžœ๏ผŒ่ฐƒ็”จnmap่ฟ›่กŒๆŒ‡็บน่ฏ†ๅˆซ

Se7en 12 Nov 22, 2022
Script Crack Facebook Premium ๐Ÿšถโ€โ™‚

prem Script Crack Facebook Premium ๐Ÿšถโ€โ™‚ Install Script $ pkg update && pkg update $ termux-setup-storage $ pkg install git $ pkg install python $ pip

Yumasaa 1 Dec 03, 2021
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
Tool to scan for RouterOS (Mikrotik) forensic artifacts and vulnerabilities.

RouterOS Scanner Forensics tool for Mikrotik devices. Search for suspicious properties and weak security points that need to be fixed on the router. T

Microsoft 823 Dec 21, 2022
Small python script to look for common vulnerabilities on SMTP server.

BrokenSMTP BrokenSMTP is a python3 BugBounty/Pentesting tool to look for common vulnerabilities on SMTP server. Supported Vulnerability : Spoofing - T

39 Dec 16, 2022
Password List Creator Simple !

Password List Creator Simple !

MR.D3F417 4 Jan 27, 2022
EyeJoๆ˜ฏไธ€ๆฌพ่‡ชๅŠจๅŒ–่ต„ไบง้ฃŽ้™ฉ่ฏ„ไผฐๅนณๅฐ๏ผŒๅฏไปฅๅๅŠฉ็”ฒๆ–นๅฎ‰ๅ…จไบบๅ‘˜ๆˆ–ไน™ๆ–นๅฎ‰ๅ…จไบบๅ‘˜ๅฏนๆŽˆๆƒ็š„่ต„ไบงไธญ่ฟ›่กŒๆŽ’ๆŸฅ๏ผŒๅฟซ้€Ÿๅ‘็Žฐๅญ˜ๅœจ็š„่–„ๅผฑ็‚นๅ’Œๆ”ปๅ‡ป้ขใ€‚

EyeJo EyeJoๆ˜ฏไธ€ๆฌพ่‡ชๅŠจๅŒ–่ต„ไบง้ฃŽ้™ฉ่ฏ„ไผฐๅนณๅฐ๏ผŒๅฏไปฅๅๅŠฉ็”ฒๆ–นๅฎ‰ๅ…จไบบๅ‘˜ๆˆ–ไน™ๆ–นๅฎ‰ๅ…จไบบๅ‘˜ๅฏนๆŽˆๆƒ็š„่ต„ไบงไธญ่ฟ›่กŒๆŽ’ๆŸฅ๏ผŒๅฟซ้€Ÿๅ‘็Žฐๅญ˜ๅœจ็š„่–„ๅผฑ็‚นๅ’Œๆ”ปๅ‡ป้ขใ€‚ ๅ…่ดฃๅฃฐๆ˜Ž ๆœฌๅนณๅฐ้›†ๆˆไบ†ๅคง้‡็š„ไบ’่”็ฝ‘ๅ…ฌๅผ€ๅทฅๅ…ท๏ผŒไธป่ฆๆ˜ฏๆ–นไพฟๅฎ‰ๅ…จไบบๅ‘˜ๆ•ด็†ใ€ๆŽ’ๆŸฅ่ต„ไบงใ€ๅฎ‰ๅ…จๆต‹่ฏ•็ญ‰๏ผŒๅˆ‡ๅ‹ฟ็”จไบŽ้žๆณ•็”จ้€”ใ€‚ไฝฟ็”จ่€…ๅญ˜ๅœจๅฑๅฎณ็ฝ‘็ปœๅฎ‰ๅ…จ็ญ‰ไปปไฝ•้žๆณ•่กŒไธบ๏ผŒๅŽๆžœ่‡ช่ดŸ๏ผŒไฝœ

429 Dec 31, 2022
TightVNC Vulnerability.

CVE-2022-23967 In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbprot

MaherAzzouzi 15 Jul 11, 2022