Automating the AWS auditing process.
- Clone the repository.
git clone [email protected]:danielnbalasoiu/auditBox.git && cd auditBox
- Copy or rename
env.list.example
toenv.list
.
cp env.list.example env.list
- Replace
REDACTED
values with your own. - Run the audit
make all
- Check audit results stored inside
auditbox-results
directory.
❯ make
Usage:
make <target>
all 🚀 Build dependencies and run all auditing tools 🔒🔍
Deps
install-deps ❌ (out of scope) Install git and docker if you want to continue
build-n-run 🛠️ 🐳 Build and start the containers
Audit
audit 🔥 Fire up all auditing tools (Prowler, ScoutSuite, CloudSplaining, PMapper, CloudSploit)
cloudsplaining 🔍 Audit AWS account with CloudSplaining
pmapper 🔍 Evaluate IAM permissions in AWS
prowler 🔍 Audit AWS account with Prowler v3
prowler-v2 🔍 Audit AWS account with Prowler v2
scoutsuite 🔍 Audit AWS account with ScoutSuite
cloudsploit 🔍 Audit AWS account with CloudSploit
gather-results 💾 Copy all scan results locally in auditbox-results directory
Cleanup
clean 🧹 Delete scan results, stop and delete containers
Debug
restart 🔄 Restart all containers
dexec (Debug) Docker exec into auditbox
Helpers
help ❔ Display this help menu