Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ustayready/cloudgpt

Vulnerability scanner for AWS customer managed policies using ChatGPT
https://github.com/ustayready/cloudgpt

Last synced: 17 days ago
JSON representation

Vulnerability scanner for AWS customer managed policies using ChatGPT

Host: GitHub
URL: https://github.com/ustayready/cloudgpt
Owner: ustayready
Created: 2023-04-13T18:39:29.000Z (over 1 year ago)
Default Branch: master
Last Pushed: 2023-04-17T15:39:37.000Z (over 1 year ago)
Last Synced: 2024-11-05T10:44:33.339Z (about 1 month ago)
Language: Python
Homepage:
Size: 6.84 KB
Stars: 142
Watchers: 4
Forks: 20
Open Issues: 2
Metadata Files:
- Readme: readme.md

Awesome Lists containing this project

awesome-gpt-security - cloudgpt - Vulnerability scanner for AWS customer managed policies using ChatGPT (Tools / Detecting)
awesome-ChatGPT-repositories - cloudgpt - Vulnerability scanner for AWS customer managed policies using ChatGPT (Others)
awesome-hacking-lists - ustayready/cloudgpt - Vulnerability scanner for AWS customer managed policies using ChatGPT (Python)

README

CloudGPT
==================

## AWS vulnerability scanner ##
Scan customer managed AWS policies for vulnerabilities using ChatGPT.

This tool automatically redacts the customer account number by replacing them with a randomly generated account number before sending the policies to ChatGPT. Knowledge of a vulnerable policy without knowledge of the account that has the policy provisioned, is useless to OpenAI. Additionally, the internal prompt has continually returned responses starting with Yes or No, therefore, we are just parsing this portion of the response to determine vulnerability. Those using the tool should manually review the responses in the output to determine context of the response. It's not perfect but it's absolutely helpful.

Follow me on Twitter ([Mike Felch - @ustayready](https://twitter.com/ustayready))

## Basic Usage ##
### Requires OpenAI API key
```
usage: scan.py [-h] --key KEY [--profile PROFILE] [--redact]

Retrieve all customer managed policies and check the default policy version for vulnerabilities

optional arguments:
-h, --help show this help message and exit
--key KEY OpenAI API key
--profile PROFILE AWS profile name to use (default: default)
--redact Redact sensitive information in the policy document (default: True)

CloudGPT the AWS vulnerability scanner
```
*python scan.py --key ABC --profile AWSPROFILE*

## Installation ##
You can install and run with the following command:

```bash
$ git clone https://github.com/ustayready/cloudgpt
$ cd cloudgpt
~/cloudgpt $ virtualenv -p python3 .
~/cloudgpt $ source bin/activate
(cloudgpt) ~/cloudgpt $ python scan.py
```