{"id":42307808,"url":"https://github.com/ReversecLabs/cloud-security-vm","last_synced_at":"2026-02-18T09:01:16.067Z","repository":{"id":257618681,"uuid":"857759097","full_name":"ReversecLabs/cloud-security-vm","owner":"ReversecLabs","description":"Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments","archived":false,"fork":false,"pushed_at":"2025-01-02T18:12:27.000Z","size":20,"stargazers_count":141,"open_issues_count":0,"forks_count":12,"subscribers_count":8,"default_branch":"main","last_synced_at":"2026-02-05T00:34:32.927Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ReversecLabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-15T14:39:25.000Z","updated_at":"2026-01-13T11:17:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"5c5ecb52-ee35-4028-be80-e2bc11261a14","html_url":"https://github.com/ReversecLabs/cloud-security-vm","commit_stats":null,"previous_names":["withsecurelabs/cloud-security-vm","reverseclabs/cloud-security-vm"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/ReversecLabs/cloud-security-vm","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ReversecLabs%2Fcloud-security-vm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ReversecLabs%2Fcloud-security-vm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ReversecLabs%2Fcloud-security-vm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ReversecLabs%2Fcloud-security-vm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ReversecLabs","download_url":"https://codeload.github.com/ReversecLabs/cloud-security-vm/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ReversecLabs%2Fcloud-security-vm/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29574065,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-18T08:38:15.585Z","status":"ssl_error","status_checked_at":"2026-02-18T08:38:14.917Z","response_time":162,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-27T11:12:46.285Z","updated_at":"2026-02-18T09:01:16.061Z","avatar_url":"https://github.com/ReversecLabs.png","language":"HCL","funding_links":[],"categories":["HCL"],"sub_categories":[],"readme":"# Cloud Testing VM\n\nThis is the necessary scripts to build and run a Ubuntu virtual machine that has a number of common cloud assessment tools pre-installed. It uses a combination of Vagrant and Ansible to deploy the VM and configure it if running locally. You can also build a version as an AWS AMI.\n\n## Tools\n\nThese should all be present in the path by default.\n\n| Tool               | Description                                                 | URL                                                |\n| ------------------ | ----------------------------------------------------------- | -------------------------------------------------- |\n| `aws`              | AWS CLI                                                     |                                                    |\n| `az`               | Azure CLI                                                   |                                                    |\n| `gcloud`           | Google Cloud Platform CLI                                   |                                                    |\n| `kubectl`          | CLI for interacting with Kubernetes clusters                |                                                    |\n| `amicontained`     | Container introspection and runtime enumeration             | \u003chttps://github.com/genuinetools/amicontained\u003e     |\n| `am-i-isolated`    | Container introspection and runtime enumeration             | \u003chttps://github.com/edera-dev/am-i-isolated\u003e       |\n| `auger`            | Tool for accessing objects stored in etcd directly          | \u003chttps://github.com/jpbetz/auger\u003e                  |\n| `aws-vault`        | Secure storage of AWS credentials                           | \u003chttps://github.com/99designs/aws-vault\u003e           |\n| `azurehound`       | Azure collector for Bloodhound CE                           | \u003chttps://github.com/BloodHoundAD/AzureHound\u003e       |\n| `bloodhound`       | Entra ID, Azure and Active Directory permission mapping\\*   | \u003chttps://github.com/SpecterOps/BloodHound/\u003e        |\n| `cartography`      | Resource relationship mapper                                | \u003chttps://github.com/lyft/cartography\u003e              |\n| `checkov`          | Terraform static analysis and security auditing             | \u003chttps://github.com/bridgecrewio/checkov\u003e          |\n| `cloudfox`         | AWS Exploitation toolkit                                    | \u003chttps://github.com/BishopFox/cloudfox\u003e            |\n| `cloudsplaining`   | Identify risks in IAM policies                              | \u003chttps://github.com/salesforce/cloudsplaining\u003e     |\n| `detect-secrets`   | Scan for secrets in code repositories (docker image)        | \u003chttps://github.com/Yelp/detect-secrets\u003e           |\n| `enumerate-iam`    | Find permissions for a given set of AWS IAM credentials     | \u003chttps://github.com/skybound1/enumerate-iam\u003e       |\n| `etcdctl`          | CLI client for etcd                                         | \u003chttps://github.com/etcd-io/etcd/\u003e                 |\n| `freezer`          | Download tool for IceKube                                   | \u003chttps://github.com/withsecurelabs/freezer\u003e        |\n| `iamgraph`         | Graph out role assumption through an AWS organization       | \u003chttps://github.com/withsecurelabs/iamgraph\u003e       |\n| `iamspy`           | IAM policy evaluator using formal methods                   | \u003chttps://github.com/withsecurelabs/iamspy\u003e         |\n| `icekube`          | Kubernetes attack path graph generation                     | \u003chttps://github.com/withsecurelabs/icekube\u003e        |\n| `jq`               | JSON parser and processor                                   | \u003chttps://github.com/jqlang/jq\u003e                     |\n| `kics`             | Infrastructure as code vulnerability scanner (docker image) | \u003chttps://github.com/Checkmarx/kics\u003e                |\n| `kubectl-who-can`  | Query and enumerate permissions in a Kubernetes cluster     | \u003chttps://github.com/aquasecurity/kubectl-who-can/\u003e |\n| `kubehound`        | Kubernetes identity and permission graphing                 | \u003chttps://github.com/DataDog/KubeHound\u003e             |\n| `pacu`             | AWS exploitation framework                                  | \u003chttps://github.com/RhinoSecurityLabs/pacu\u003e        |\n| `pmapper`          | AWS IAM evaluator                                           | \u003chttps://github.com/nccgroup/PMapper\u003e              |\n| `prowler`          | AWS security auditing tooling                               | \u003chttps://github.com/toniblyx/prowler\u003e              |\n| `roadtools`        | Entra ID reconnaissance framework                           | \u003chttps://github.com/dirkjanm/ROADtools\u003e            |\n| `rbac-lookup`      | Tool for looking up Kubernetes roles and cluster roles      | \u003chttps://github.com/FairwindsOps/rbac-lookup\u003e      |\n| `scoutsuite`       | Multi-cloud audit tool                                      | \u003chttps://github.com/nccgroup/ScoutSuite\u003e           |\n| `stratus-red-team` | Multi-cloud TTP simulation tool                             | \u003chttps://github.com/DataDog/stratus-red-team/\u003e     |\n| `terrascan`        | Terraform code scanning tool (docker image)                 | \u003chttps://github.com/tenable/terrascan\u003e             |\n| `tfsec`            | Terraform code scanning tool (docker image)                 | \u003chttps://github.com/aquasecurity/tfsec\u003e            |\n| `trivy`            | Container CVE \u0026 security issue scanner (docker container)   | \u003chttps://github.com/aquasecurity/trivy\u003e            |\n| `yq`               | YAML parser and processor                                   | \u003chttps://github.com/mikefarah/yq\u003e                  |\n\n\\*Bloodhound is the Bloodhound CE version, included as a `docker-compose` file in `~/bloodhound/`. Follow instructions in their repo to use it.\n\n## Local Use\n\n### Prerequisites\n\n- Vagrant [https://www.vagrantup.com/](https://www.vagrantup.com/)\n- Virtualbox\n- The vagrant-vbguest Vagrant plugin (once vagrant is installed, run `vagrant plugin install vagrant-vbguest`)\n\n### Setup\n\n- Run `vagrant up` to build the VM\n- Run `vagrant ssh` to get a terminal inside the VM\n- Tools are on the path.\n\n## AWS AMI Building\n\n- `packer init aws-ubuntu.pkr.hcl`\n- `packer build aws-ubuntu.pkr.hcl` while configured with the right AWS profile\n\n## TO DO\n\n- Update docs to detail how to build AMIs\n- Update packer to build local VMs for virtualbox and VMWare\n- Update packer to create vagrant boxes for virtualbox and vmware\n\n### Tools to add\n\n- \u003chttps://github.com/hotnops/apeman\u003e\n- Powershell\n- \u003chttps://github.com/BloodHoundAD/BARK\u003e\n- \u003chttps://github.com/DataDog/guarddog\u003e\n- \u003chttps://github.com/turbot/steampipe\u003e\n- All the project discovery stuff\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FReversecLabs%2Fcloud-security-vm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FReversecLabs%2Fcloud-security-vm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FReversecLabs%2Fcloud-security-vm/lists"}