One stop tool for auditing the security posture of AWS.
Pre-requisites
Python 2.7
pip
git
Installation
git clone https://github.com/SecurityFTW/cs-suite.git
cd cs-suite/
sudo python setup.py
Note - Generate a set of ReadOnly AWS keys which the tool will ask to finish the installation process.Virtual Environment installation
(So you don't mess with the already installed python libraries)
pip install virtualenvironmentwrapper
add it to the respective rc file of your shell (bashrc/zshrc) (for fish shell users check virtualfish)echo "source /usr/local/bin/virtualenvwrapper.sh" >> ~/.bashrc
source the file source ~/.bashrc
Run env: cd cs-suite/
mkvirtualenv cssuite
workon cssuite
pip install -r requirements-virtual.txt
aws configure
Once installation is done, the tool will ask you for the AWS keys and region. These two are mandatory for the tool to work.Run
python cs.py
Documentation
https://securityftw.github.io/Docs/
Videos
Installation and running CS Suite:
This is how you can audit a linux instance:
This is how you can audit a windows instance: