Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/SygniaLabs/security-cloud-scout
https://github.com/SygniaLabs/security-cloud-scout
Last synced: 3 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/SygniaLabs/security-cloud-scout
- Owner: SygniaLabs
- License: mit
- Created: 2020-10-28T16:09:39.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-03-29T09:46:00.000Z (about 1 year ago)
- Last Synced: 2024-01-17T21:22:38.357Z (5 months ago)
- Language: Python
- Size: 308 KB
- Stars: 124
- Watchers: 7
- Forks: 16
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE.md
Lists
- awesome-cloud-sec - security-cloud-scout - - Cross-Cloud AWS/Azure (Other Awesome Lists / Subdomain Takeover)
- awesome-hacking-lists - SygniaLabs/security-cloud-scout - (Python)
README
[logo]: ./images/CloudScout_logo.jpg
![alt text][logo]
# About Cloud Scout
Cloud Scout is a plugin which works on top of [BloodHound](https://github.com/BloodHoundAD/BloodHound), leveraging its visualization capabilities in order to visualize cross platform attack paths.
Link to our White Paper: [link](https://blog.sygnia.co/cloud-scout-security-tool)
At this point Cloud Scout supports two frameworks [AWSPX](https://github.com/FSecureLABS/awspx) and [StormSpotter](https://github.com/Azure/Stormspotter).
Cloud Scout is able to ingest output of the mentioned frameworks into one unified database and on top of that the plugin will create relation between relevant nodes based on thier attributes.
Cloud Scout is developed by [@OlegLerner](https://twitter.com/OlegLerner), [@DVazgiel](https://twitter.com/DVazgiel) and [@IliaRabinovich](https://twitter.com/IliaRabinovich) from [Sygnia](https://sygnia.co/).
# Installation
In order to install the plugin download the GitHub repository and execute the included batch installation script with a path to BloodHound.exe as a command line argument (Assuming you already have BloodHound installed).
Example:
```batch
install.bat C:\project\BloodHound
```
### Dependencies
Cloud Scout has a few dependencies related to the installation.
- [BloodHound](https://github.com/BloodHoundAD/BloodHound)
- [git](https://git-scm.com/)
- python
- pipenv
In our experience for environments with about ~2 million relations and hundereds of thousands of nodes, for optimal performance it is recommended to use a machine with 16GB RAM
# Examples
Full Domain compromise leveraging Azure
[example1]: ./images/e1.jpg
![alt text][example1]
AWS take over leveraging Azure and AWS permissions
[example2]: ./images/e2.jpg
![alt text][example2]
Network data mapping
[example3]: ./images/e3.jpg
![alt text][example3]
# License
[MIT](./LICENSE.md)