{"id":18792817,"url":"https://github.com/deekayen/aws-pentest-inventory","last_synced_at":"2025-12-28T13:30:14.678Z","repository":{"id":138909366,"uuid":"224497356","full_name":"deekayen/aws-pentest-inventory","owner":"deekayen","description":"Generate a list of IPs and instance IDs for submitting to the Amazon Web Services penetration test request form.","archived":false,"fork":false,"pushed_at":"2021-03-08T05:31:56.000Z","size":1144,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-12-29T15:29:32.537Z","etag":null,"topics":["aws"],"latest_commit_sha":null,"homepage":"","language":"Batchfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deekayen.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-11-27T18:54:32.000Z","updated_at":"2021-03-16T17:27:15.000Z","dependencies_parsed_at":null,"dependency_job_id":"4d56b677-2a1a-4d60-98e4-d5bf95461cec","html_url":"https://github.com/deekayen/aws-pentest-inventory","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Faws-pentest-inventory","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Faws-pentest-inventory/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Faws-pentest-inventory/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deekayen%2Faws-pentest-inventory/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deekayen","download_url":"https://codeload.github.com/deekayen/aws-pentest-inventory/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239718375,"owners_count":19685725,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws"],"created_at":"2024-11-07T21:21:56.117Z","updated_at":"2025-12-28T13:30:14.631Z","avatar_url":"https://github.com/deekayen.png","language":"Batchfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"AWS Penetration Test Request Form Info Generator\r\n================================================\r\n\r\n[![license](https://img.shields.io/badge/license-MIT%20License-blue.svg)]()\r\n[![Project Status: Unsupported – The project has reached a stable, usable state but the author(s) have ceased all work on it. A new maintainer may be desired.](https://www.repostatus.org/badges/latest/unsupported.svg)](https://www.repostatus.org/#unsupported)\r\n\r\nGenerates a list of instance IDs and IP addresses using an interactive\r\ncommandline script. The output is suitable for submitting the form penetration\r\nrequest form at https://aws.amazon.com/forms/penetration-testing-request.\r\n\r\nThe script utilizes the AWS CLI. It generates a list of VPCs based on whether\r\nthey contain an instance tagged `Name=Nessus`, `Value=true`. Of those VPCs, only\r\ninstances in a _running_ state are included in the output.\r\n\r\nAmazon restricts which types of instances may be scanned for vulnerabilities.\r\nThe output uses a whitelist of instance sizes which omits the t1.micro and\r\nm1.small sizes on the restricted list.\r\n\r\nRequirements\r\n------------\r\n\r\nAWS CLI:\r\nhttps://aws.amazon.com/cli/\r\n\r\n### macOS install\r\n\r\n```\r\nsudo pip install --ignore-installed --upgrade awscli\r\n```\r\n\r\nConfiguration\r\n-------------\r\n\r\nThe AWS profiles are hard-coded in the batch script to `development`,\r\n`production`, and `customer`.\r\n\r\nThe headings of the credentials file in your home directory\r\n(`~/.aws/credentials` or `C:\\Users\\user\\.aws\\credentials`).\r\n\r\nThe credentials must match the hard-coded profile references at the top of the\r\nscript.\r\n\r\n```\r\n[development]\r\naws_access_key_id = AKIAICDDQ7HNOUFQKRZQ\r\naws_secret_access_key = 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\r\n\r\n[production]\r\naws_access_key_id = AKIAIWK4NACG54KKIQIQ\r\naws_secret_access_key = 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\r\n\r\n[customer]\r\naws_access_key_id = AKIAJHQD7J7AAAISF7HQ\r\naws_secret_access_key = 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\r\n```\r\n\r\nUsage\r\n-----\r\n\r\nThe prompts will generate all the relevant target and source IPs,\r\nalong with instance IDs for a specific region in a single AWS account.\r\n\r\nThe output of the script will be created in the same directory as the script.\r\n\r\n### Windows\r\n\r\nFrom Windows Explorer, double-click the `aws_pentest_form_data_generator.bat`\r\nfile to begin. The prompts will generate all the relevant target and source IPs,\r\nalong with instance IDs for a specific region in a single AWS account.\r\n\r\nDo not attempt to run the array.bat file directly - it is a support library\r\nfor the main batch file.\r\n\r\n### MacOS/Linux\r\n\r\nBe sure the shell script is executable.\r\n\r\n```\r\nchmod 755 aws_pentest_form_data_generator.sh\r\n```\r\n\r\nIn Terminal, navigate to the `aws_pentest_form_data_generator.sh` and run it.\r\n\r\n```\r\n./aws_pentest_form_data_generator.sh\r\n```\r\n\r\nOutput\r\n------\r\n\r\nThe separate IP files are intended to fill individual scan zones in the\r\napplication super administrator account of vulnerability scan dashboard and the\r\nasset lists in the organization account. The other two bulk files can be\r\ncopy/pasted to the AWS form.\r\n\r\n### Copy/paste to AWS form\r\n\r\n* development_us-west-2_destination_ips.txt\r\n* development_us-west-2_source_ips.txt\r\n* development_us-west-2_target_instance_ids.txt\r\n\r\nA sample of the Amazon\r\n\r\n### Copy/paste to vulnerability scanner asset lists\r\n\r\n* development_us-west-2_vpc-1234abcd_ips.txt\r\n\r\n[![AWS Vulnerability Penetration Testing Request Form screenshot](AWS_Vulnerability_Penetration_Testing_Request_Form.png)]()\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeekayen%2Faws-pentest-inventory","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeekayen%2Faws-pentest-inventory","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeekayen%2Faws-pentest-inventory/lists"}