https://github.com/ReversecLabs/cloud-security-vm
Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments
- Host: GitHub
- URL: https://github.com/ReversecLabs/cloud-security-vm
- Owner: ReversecLabs
- License: apache-2.0
- Created: 2024-09-15T14:39:25.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2025-01-02T18:12:27.000Z (over 1 year ago)
- Last Synced: 2026-02-05T00:34:32.927Z (5 months ago)
- Language: HCL
- Size: 19.5 KB
- Stars: 141
- Watchers: 8
- Forks: 12
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Cloud Testing VM
These are the scripts needed to build and run an Ubuntu virtual machine with a number of common cloud assessment tools pre-installed. When run locally, Vagrant deploys the VM and Ansible configures it. The same image can also be built as an AWS AMI with Packer.
## Tools
These should all be present in the path by default.
| Tool | Description | URL |
| ------------------ | ----------------------------------------------------------- | -------------------------------------------------- |
| `aws` | AWS CLI | |
| `az` | Azure CLI | |
| `gcloud` | Google Cloud Platform CLI | |
| `kubectl` | CLI for interacting with Kubernetes clusters | |
| `amicontained` | Container introspection and runtime enumeration | |
| `am-i-isolated` | Container introspection and runtime enumeration | |
| `auger` | Tool for accessing objects stored in etcd directly | |
| `aws-vault` | Secure storage of AWS credentials | |
| `azurehound` | Azure collector for Bloodhound CE | |
| `bloodhound` | Entra ID, Azure and Active Directory permission mapping\* | |
| `cartography` | Resource relationship mapper | |
| `checkov` | Terraform static analysis and security auditing | |
| `cloudfox` | AWS Exploitation toolkit | |
| `cloudsplaining` | Identify risks in IAM policies | |
| `detect-secrets` | Scan for secrets in code repositories (docker image) | |
| `enumerate-iam` | Find permissions for a given set of AWS IAM credentials | |
| `etcdctl` | CLI client for etcd | |
| `freezer` | Download tool for IceKube | |
| `iamgraph` | Graph out role assumption through an AWS organization | |
| `iamspy` | IAM policy evaluator using formal methods | |
| `icekube` | Kubernetes attack path graph generation | |
| `jq` | JSON parser and processor | |
| `kics` | Infrastructure as code vulnerability scanner (docker image) | |
| `kubectl-who-can` | Query and enumerate permissions in a Kubernetes cluster | |
| `kubehound` | Kubernetes identity and permission graphing | |
| `pacu` | AWS exploitation framework | |
| `pmapper` | AWS IAM evaluator | |
| `prowler` | AWS security auditing tooling | |
| `roadtools` | Entra ID reconnaissance framework | |
| `rbac-lookup` | Tool for looking up Kubernetes roles and cluster roles | |
| `scoutsuite` | Multi-cloud audit tool | |
| `stratus-red-team` | Multi-cloud TTP simulation tool | |
| `terrascan` | Terraform code scanning tool (docker image) | |
| `tfsec` | Terraform code scanning tool (docker image) | |
| `trivy` | Container CVE & security issue scanner (docker container) | |
| `yq` | YAML parser and processor | |
\*Bloodhound is the Bloodhound CE version, included as a `docker-compose` file in `~/bloodhound/`. Follow instructions in their repo to use it.
## Local Use
### Prerequisites
- Vagrant [https://www.vagrantup.com/](https://www.vagrantup.com/)
- VirtualBox
- The vagrant-vbguest Vagrant plugin (once Vagrant is installed, run `vagrant plugin install vagrant-vbguest`)
### Setup
- Run `vagrant up` to build the VM
- Run `vagrant ssh` to get a terminal inside the VM
- Tools are on the path.
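The setup ends with the tools being on the path, which is worth verifying before starting an engagement rather than discovering a missing binary mid-assessment. The following POSIX shell script is an added example, not code from the cloud-security-vm repository: run it inside the VM after `vagrant ssh` and it reports which names from the tool table above cannot be resolved on `PATH`. The default list is the `Tool` column of that table with `bloodhound` left out, since the README ships it as a docker-compose project rather than a binary; tools the table describes as docker images are assumed to be wrapper scripts on `PATH`, and any entry that is a package name rather than a binary name will be reported as missing (both are assumptions, not statements from the README).

```shell
#!/bin/sh
# check-tools.sh: verify the cloud-security-vm tool list is resolvable on PATH.
# Added example; not part of the cloud-security-vm repository.

# Tool names copied from the README table. `bloodhound` is omitted because the
# README provides it as a docker-compose project in ~/bloodhound/, not a binary.
# Assumption: the docker-image tools (detect-secrets, kics, terrascan, tfsec,
# trivy) are exposed through wrapper scripts on PATH.
DEFAULT_TOOLS="aws az gcloud kubectl amicontained am-i-isolated auger aws-vault
azurehound cartography checkov cloudfox cloudsplaining detect-secrets
enumerate-iam etcdctl freezer iamgraph iamspy icekube jq kics kubectl-who-can
kubehound pacu pmapper prowler roadtools rbac-lookup scoutsuite stratus-red-team
terrascan tfsec trivy yq"

# missing_tools NAME...: print each NAME that `command -v` cannot resolve,
# one per line. Returns 0 if every name was found, 1 otherwise.
missing_tools() {
    rc=0
    for t in "$@"; do
        if ! command -v "$t" >/dev/null 2>&1; then
            printf '%s\n' "$t"
            rc=1
        fi
    done
    return $rc
}

# check_tools [NAME...]: run missing_tools over the given names (or the README
# list when none are given) and print a human-readable summary.
# Returns 0 when everything is present, 1 when something is missing.
check_tools() {
    if [ "$#" -eq 0 ]; then
        # Intentional word splitting: expand the list into positional args.
        set -- $DEFAULT_TOOLS
    fi
    # Assigning inside `if` keeps this safe under `set -e` even when the
    # function returns non-zero.
    if missing=$(missing_tools "$@"); then
        echo "all $# tools found on PATH"
        return 0
    fi
    echo "missing from PATH:" >&2
    printf '  %s\n' $missing >&2
    return 1
}

# Run the check when executed directly (sh check-tools.sh [NAME...]);
# sourcing the file (". ./check-tools.sh") only defines the functions.
case "$0" in
    *check-tools.sh) check_tools "$@" ;;
esac
```

Pass explicit names to check a subset (`sh check-tools.sh aws az kubectl`), or source the file and call `missing_tools` from your own provisioning checks; the non-zero exit status makes it usable as a gate in a post-provision step.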
## AWS AMI Building
- `packer init aws-ubuntu.pkr.hcl` to install the plugins the template requires
- `packer build aws-ubuntu.pkr.hcl` with AWS credentials for the target account available to Packer. The Amazon plugin reads them from the standard AWS SDK credential chain, so exporting `AWS_PROFILE=<profile>` (or the usual `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` variables) before running the build is enough.
## TO DO
- Update docs to detail how to build AMIs
- Update Packer to build local VMs for VirtualBox and VMware
- Update Packer to create Vagrant boxes for VirtualBox and VMware
### Tools to add
- PowerShell
- The ProjectDiscovery tooling