An open API service indexing awesome lists of open source software.

https://github.com/deekayen/aws-pentest-inventory

Generate a list of IPs and instance IDs for submitting to the Amazon Web Services penetration test request form.
https://github.com/deekayen/aws-pentest-inventory

aws

Last synced: 6 months ago
JSON representation

Generate a list of IPs and instance IDs for submitting to the Amazon Web Services penetration test request form.

Awesome Lists containing this project

README

          

AWS Penetration Test Request Form Info Generator
================================================

[![license](https://img.shields.io/badge/license-MIT%20License-blue.svg)]()
[![Project Status: Unsupported – The project has reached a stable, usable state but the author(s) have ceased all work on it. A new maintainer may be desired.](https://www.repostatus.org/badges/latest/unsupported.svg)](https://www.repostatus.org/#unsupported)

Generates a list of instance IDs and IP addresses using an interactive
commandline script. The output is suitable for submitting the form penetration
request form at https://aws.amazon.com/forms/penetration-testing-request.

The script utilizes the AWS CLI. It generates a list of VPCs based on whether
they contain an instance tagged `Name=Nessus`, `Value=true`. Of those VPCs, only
instances in a _running_ state are included in the output.

Amazon restricts which types of instances may be scanned for vulnerabilities.
The output uses a whitelist of instance sizes which omits the t1.micro and
m1.small sizes on the restricted list.

Requirements
------------

AWS CLI:
https://aws.amazon.com/cli/

### macOS install

```
sudo pip install --ignore-installed --upgrade awscli
```

Configuration
-------------

The AWS profiles are hard-coded in the batch script to `development`,
`production`, and `customer`.

The headings of the credentials file in your home directory
(`~/.aws/credentials` or `C:\Users\user\.aws\credentials`).

The credentials must match the hard-coded profile references at the top of the
script.

```
[development]
aws_access_key_id = AKIAICDDQ7HNOUFQKRZQ
aws_secret_access_key = 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

[production]
aws_access_key_id = AKIAIWK4NACG54KKIQIQ
aws_secret_access_key = 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

[customer]
aws_access_key_id = AKIAJHQD7J7AAAISF7HQ
aws_secret_access_key = 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
```

Usage
-----

The prompts will generate all the relevant target and source IPs,
along with instance IDs for a specific region in a single AWS account.

The output of the script will be created in the same directory as the script.

### Windows

From Windows Explorer, double-click the `aws_pentest_form_data_generator.bat`
file to begin. The prompts will generate all the relevant target and source IPs,
along with instance IDs for a specific region in a single AWS account.

Do not attempt to run the array.bat file directly - it is a support library
for the main batch file.

### MacOS/Linux

Be sure the shell script is executable.

```
chmod 755 aws_pentest_form_data_generator.sh
```

In Terminal, navigate to the `aws_pentest_form_data_generator.sh` and run it.

```
./aws_pentest_form_data_generator.sh
```

Output
------

The separate IP files are intended to fill individual scan zones in the
application super administrator account of vulnerability scan dashboard and the
asset lists in the organization account. The other two bulk files can be
copy/pasted to the AWS form.

### Copy/paste to AWS form

* development_us-west-2_destination_ips.txt
* development_us-west-2_source_ips.txt
* development_us-west-2_target_instance_ids.txt

A sample of the Amazon

### Copy/paste to vulnerability scanner asset lists

* development_us-west-2_vpc-1234abcd_ips.txt

[![AWS Vulnerability Penetration Testing Request Form screenshot](AWS_Vulnerability_Penetration_Testing_Request_Form.png)]()