Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/nccgroup/ScoutSuite
Multi-Cloud Security Auditing Tool
https://github.com/nccgroup/ScoutSuite
auditing aws azure cloud gcp security
Last synced: about 1 month ago
JSON representation
Multi-Cloud Security Auditing Tool
- Host: GitHub
- URL: https://github.com/nccgroup/ScoutSuite
- Owner: nccgroup
- License: gpl-2.0
- Created: 2018-10-30T11:46:54.000Z (about 6 years ago)
- Default Branch: master
- Last Pushed: 2024-04-12T12:57:36.000Z (8 months ago)
- Last Synced: 2024-04-14T07:57:57.110Z (8 months ago)
- Topics: auditing, aws, azure, cloud, gcp, security
- Language: Python
- Homepage:
- Size: 19.4 MB
- Stars: 6,132
- Watchers: 127
- Forks: 993
- Open Issues: 229
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
- awesome-cybersecurity-blueteam - Scout Suite - Open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. (Cloud platform security / Security Orchestration, Automation, and Response (SOAR))
- DevSecOps - https://github.com/nccgroup/ScoutSuite - the-badge) | (Multi-Cloud)
- awesome-repositories - nccgroup/ScoutSuite - Multi-Cloud Security Auditing Tool (Python)
- awesome-aws-security - ScoutSuite - Multi-Cloud Security Auditing Tool (Tools of Trade)
- awesome-entra - ScoutSuite - Multi-Cloud Security auditing tool. [![stars](https://badgen.net/github/stars/nccgroup/ScoutSuite)](https://badgen.net/github/stars/nccgroup/ScoutSuite) (Tools / CLI)
- awesome-cloud-security - ScoutSuite - cloud security auditing tool. (Infrastructure)
- awesomeness - ScoutSuite - Multi-cloud security auditing tool. (🔒 Security / ☸️ Kubernetes)
- Awesome-Azure-Pentest - ScoutSuite - Multi-cloud security auditing tool. Security posture assessment of different cloud environments. (Tools / Enumeration)
- awesome-hacking-lists - nccgroup/ScoutSuite - Multi-Cloud Security Auditing Tool (Python)
- awesome-soc - ScootSuite
- awesome-devsecops-russia - ScoutSuite
- awesome-cloud-sec - ScoutSuite - - Multi-Cloud Security Auditing Tool (Other Awesome Lists / Subdomain Takeover)
- awesome-cloud-security - 地址
- awesome-cybersecurity-blueteam-cn - Scout Suite - 开源的多云安全审核工具,可用于评估云环境的安全状态 (云平台安全 / 安全编排自动化与响应)
README
#
[![Workflow](https://github.com/nccgroup/ScoutSuite/workflows/CI%20Workflow/badge.svg)](https://github.com/nccgroup/ScoutSuite/actions)
[![CodeCov](https://codecov.io/gh/nccgroup/ScoutSuite/branch/master/graph/badge.svg)](https://codecov.io/gh/nccgroup/ScoutSuite)[![PyPI version](https://badge.fury.io/py/ScoutSuite.svg)](https://badge.fury.io/py/ScoutSuite)
[![PyPI downloads](https://img.shields.io/pypi/dm/scoutsuite)](https://img.shields.io/pypi/dm/scoutsuite)
[![Docker Hub](https://img.shields.io/badge/Docker%20Hub-rossja%2Fncc--scoutsuite-blue)](https://hub.docker.com/r/rossja/ncc-scoutsuite/)
[![Docker Pulls](https://img.shields.io/docker/pulls/rossja/ncc-scoutsuite.svg?style=flat-square)](https://hub.docker.com/r/rossja/ncc-scoutsuite/)## Description
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.
Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time security-oriented view of the cloud account it was run in. Once the data has been gathered, all usage may be performed offline.
The project team can be contacted at .
### Cloud Provider Support
The following cloud providers are currently supported:
- Amazon Web Services
- Microsoft Azure
- Google Cloud Platform
- Alibaba Cloud (alpha)
- Oracle Cloud Infrastructure (alpha)
- Kubernetes clusters on a cloud provider (alpha)
- DigitalOcean Cloud (alpha)## Installation
Refer to the [wiki](https://github.com/nccgroup/ScoutSuite/wiki/Setup).
## Usage
Scout Suite is run through the CLI:
![Running Scout Suite](https://user-images.githubusercontent.com/13310971/78389085-22659d00-75b0-11ea-9f22-ea6fcaa6a1cd.gif)
Once this has completed, it will generate an HTML report including findings and Cloud account configuration:
![Scout Suite Report](https://user-images.githubusercontent.com/13310971/77861662-342bf680-71e4-11ea-8eed-ccaeb78c5f45.gif)
The above report was generated by running Scout Suite against https://github.com/nccgroup/sadcloud.
Additional information can be found in the [wiki](https://github.com/nccgroup/ScoutSuite/wiki).
There are also a number of handy [tools](https://github.com/nccgroup/ScoutSuite/tree/master/tools) for automation of common tasks.