Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/sebastian-mora/AWS-Loot
Pull secrets from an AWS environment
https://github.com/sebastian-mora/AWS-Loot
aws pentest-tool pentesting red-team security security-tools
Last synced: about 2 months ago
JSON representation
Pull secrets from an AWS environment
- Host: GitHub
- URL: https://github.com/sebastian-mora/AWS-Loot
- Owner: sebastian-mora
- Created: 2020-02-02T00:25:46.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2020-02-02T00:51:56.000Z (almost 5 years ago)
- Last Synced: 2024-08-05T17:44:25.689Z (5 months ago)
- Topics: aws, pentest-tool, pentesting, red-team, security, security-tools
- Language: Python
- Homepage:
- Size: 99.6 KB
- Stars: 69
- Watchers: 4
- Forks: 25
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - sebastian-mora/AWS-Loot - Pull secrets from an AWS environment (Python)
README
# AWS_Loot
Searches an AWS environment looking for secrets, by enumerating environment variables and source code. This tool allows quick enumeration over large sets of AWS instances and services.
![](screenshot/tool.gif)
## Install
```
pip install -r requirements.txt
```
An AWS credential file (.aws/credentials) is required for authentication to the target environment
- Access Key
- Access Key Secret## How it works
Awsloot works by going through EC2, Lambda, CodeBuilder instances and searching for high entropy strings. The EC2 Looter works by querying all available instance ID's in all regions and requesting instance's USERDATA where often developers leave secrets.
The Lambda looter operates across regions as well. Lambada looter can search all available versions of a found function.
It starts by searching the functions environment variables then downloads the source code and scans the source for secrets.
The Codebuilder Looter works by searching for build instances and searching those builds for environment variables that might contain secrets.## Usage
```
Python3 awsloot.py
```
## Next Features
- Allow users to specify an ARN to scan
- Looter for additional services