This is a post merge after having added in dynamic module loading. Merge branch 'master' of https://github.com/carnal0wnage/weirdAAL into more_meta

2018-04-12 23:59:00 -04:00
parent 78916326b9 c917df7dde
commit 9082908be5
53 changed files with 2081 additions and 964 deletions
--- a/modules/aws_lambda.py
+++ b/modules/aws_lambda.py
@@ -0,0 +1,13 @@
+'''
+This file is used to list lambda functions and event mappings
+'''
+from libs.aws_lambda import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_lambda_list_functions():
+    list_functions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_lambda_list_event_source_mappings():
+    list_event_source_mappings(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/ce.py
+++ b/modules/ce.py
@@ -0,0 +1,12 @@
+'''
+This file is used to perform various Cost Explorer operations
+usually have to be root or be specifically assigned the
+permission to get anything from this
+'''
+
+from libs.ce import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_cost_explorer_get_cost_and_usage():
+    ce_get_cost_and_usage(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/cloudtrail.py
+++ b/modules/cloudtrail.py
@@ -0,0 +1,13 @@
+'''
+This file is used to perform cloudtrail actions
+'''
+from libs.cloudtrail import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_cloudtrail_describe_trails():
+    describe_trails(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_cloudtrail_list_public_keys():
+    list_public_keys(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/cloudwatch.py
+++ b/modules/cloudwatch.py
@@ -0,0 +1,15 @@
+'''
+example calling cloudwatch functions
+decribe alarms, describe alarm history, list metrics
+'''
+from libs.cloudwatch import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+def step_cloudwatch_describe_alarms():
+    describe_alarms(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+def step_cloudwatch_describe_alarm_history():
+    describe_alarm_history(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+def step_cloudwatch_list_metrics():
+    list_metrics(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/datapipeline.py
+++ b/modules/datapipeline.py
@@ -0,0 +1,10 @@
+'''
+data pipeline example
+'''
+
+from libs.datapipeline import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_datapipeline_list_pipelines():
+    list_pipelines(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/db.py
+++ b/modules/db.py
@@ -0,0 +1,27 @@
+'''
+queries that interact with db can go here
+'''
+
+
+import sqlite3
+from sqlite3 import Error
+
+from  libs.sql import *
+
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+#  for a key, what services does it have listed in the DB
+def step_show_services_by_key():
+    db_name = "weirdAAL.db"
+    results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
+    print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
+    for result in results:
+    	print("{}:{}".format(result[0],result[1]))
+
+#same as show_sevices
+def step_list_services_by_key():
+    db_name = "weirdAAL.db"
+    results = search_recon_by_key(db_name,AWS_ACCESS_KEY_ID)
+    print("Services enumerated for {}".format(AWS_ACCESS_KEY_ID))
+    for result in results:
+    	print("{}:{}".format(result[0],result[1]))
--- a/modules/dynamodb.py
+++ b/modules/dynamodb.py
@@ -0,0 +1,11 @@
+'''
+dynamoDB examples
+'''
+from libs.dynamodb import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+def step_dynamodb_list_tables():
+    list_dynamodb_tables(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+def step_dynamodb_list_tables_detailed():
+    list_dynamodb_tables_detailed(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/dynamodbstreams.py
+++ b/modules/dynamodbstreams.py
@@ -0,0 +1,8 @@
+'''
+dynamoDBstreams examples
+'''
+from libs.dynamodbstreams import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+def step_dynamodbstreams_list_streams():
+    list_dynamodbstreams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/ec2.py
+++ b/modules/ec2.py
@@ -0,0 +1,53 @@
+'''
+This file is used to perform various EC2 operations
+'''
+
+from libs.ec2 import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+'''
+Basic info about each EC2 instance
+ex:
+[+] Listing instances for region: us-west-2 [+]
+InstanceID: i-XXXXXXXXXXXXXXX, InstanceType: t2.micro, State: {'Code': 80, 'Name': 'stopped'}, Launchtime: 2016-08-25 22:31:31+00:00
+'''
+
+
+def step_ec2_get_instances_basic():
+    get_instance_details_basic(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+'''
+All info about each EC2 instance
+'''
+
+
+def step_ec2_get_instances_detailed():
+    get_instance_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+'''
+show volumes sorted by instanceId ex: instanceID-->multiple volumes  less detail than get_instance_volume_details2
+'''
+
+
+def step_ec2_get_instance_volume_details():
+    get_instance_volume_details(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+'''
+show volumes by instanceId but instanceID->volume1 of ID, instanceID->volume2 of ID but more details.
+'''
+
+
+def step_ec2_get_instance_volume_details2():
+    get_instance_volume_details2(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+'''
+This function is used to list EBS volumes and whether or not they are encrypted. This is only for "in-use" (running) volumes.
+'''
+
+
+def step_ec2_review_encrypted_volumes():
+    review_encrypted_volumes(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/ecr.py
+++ b/modules/ecr.py
@@ -0,0 +1,9 @@
+'''
+ECR functions
+'''
+from  libs.ecr import *
+
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+def step_ecr_describe_repos():
+	describe_repositories(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/elasticbeanstalk.py
+++ b/modules/elasticbeanstalk.py
@@ -0,0 +1,33 @@
+'''
+This file is used to perform some ElasticBeanstalk actions
+'''
+from libs.elasticbeanstalk import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+'''
+There is a weird issue that AWS says everyone has elasticbeanstalk permissions
+despite not running any of these services - in other words it wont be abnormal
+for recon to say it has elasticbeantalk permissions but nothing get returned
+when you run these functions
+'''
+
+
+def step_elasticbeanstalk_describe_applications():
+    describe_applications(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_elasticbeanstalk_describe_applications_versions():
+    describe_application_versions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+# not working
+# def step_elasticbeanstalk_describe_configuration_options():
+#   describe_configuration_options(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_elasticbeanstalk_describe_environments():
+    describe_environments(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_elasticbeanstalk_describe_events():
+    describe_events(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/emr.py
+++ b/modules/emr.py
@@ -0,0 +1,13 @@
+'''
+This file is used to perform some EMR actions
+'''
+from libs.emr import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_emr_list_clusters():
+    list_clusters(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_emr_list_security_configurations():
+    list_security_configurations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/firehose.py
+++ b/modules/firehose.py
@@ -0,0 +1,14 @@
+'''
+Firehose functions
+'''
+from  libs.firehose import *
+
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_firehose_list_delivery_streams():
+	firehose_list_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_firehose_describe_delivery_streams():
+	firehose_describe_delivery_streams(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/iam.py
+++ b/modules/iam.py
@@ -0,0 +1,22 @@
+'''
+IAM recon functions
+'''
+from  libs.iam import *
+
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_iam_list_groups():
+    iam_list_groups(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_iam_get_user():
+    iam_get_user(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_iam_get_account_summary():
+    iam_get_account_summary(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_iam_list_users():
+    iam_list_users(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/opsworks.py
+++ b/modules/opsworks.py
@@ -0,0 +1,10 @@
+from libs.opsworks import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_opsworks_describe_stacks():
+    describe_stacks(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+
+def step_opsworks_describe_user_profiles():
+	describe_user_profiles(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/pricing.py
+++ b/modules/pricing.py
@@ -0,0 +1,12 @@
+'''
+This file is used to perform various pricing operations
+usually have to be root or be specifically assigned the
+permission to get anything from this
+'''
+
+from libs.pricing import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_pricing_describe_services():
+    pricing_describe_services(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/recon.py
+++ b/modules/recon.py
@@ -0,0 +1,143 @@
+from __future__ import print_function
+
+from libs.brute import *
+from libs.s3 import *
+
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+def step_recon_all():
+    check_root_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_acm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  AlexaForBusiness
+    brute_apigateway_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  Application Auto Scaling
+    brute_appstream_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  AppSync no usable functions
+    brute_athena_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_autoscaling_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  AutoScalingPlans
+    brute_batch_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_budgets_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  CostExplorer
+    #  brute_cloud9_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) Was working now its not
+    brute_clouddirectory_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cloudformation_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cloudfront_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cloudhsm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  cloudhsmv2
+    brute_cloudsearch_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  CloudSearchDomain
+    brute_cloudtrail_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cloudwatch_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_codebuild_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_codecommit_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_codedeploy_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_codepipeline_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_codestar_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cognitoidentity_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cognitoidp_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cognitosync_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  Comprehend
+    brute_configservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  brute_costandusagereportservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY) #Could not connect to the endpoint URL: "https://cur.us-west-2.amazonaws.com/"
+    brute_datapipeline_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  DAX
+    brute_devicefarm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_directconnect_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_applicationdiscoveryservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_dms_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_directoryservice_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_dynamodb_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_dynamodbstreams_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_ec2_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_ecr_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_ecs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_efs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_elasticache_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_elasticbeanstalk_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_elastictranscoder_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_elasticloadbalancing_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_elasticloadbalancingv2_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_emr_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_es_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cloudwatchevents_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_firehose_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_gamelift_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_glacier_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  Glue
+    brute_greengrass_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  GuardDuty
+    brute_health_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_iam_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_importexport_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_inspector_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_iot_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  IoTDataPlane  no functions
+    #  IoTJobsDataPlane
+    brute_kinesis_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  KinesisVideoArchivedMedia
+    #  KinesisVideoMedia
+    brute_kinesisanalytics_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  KinesisVideo
+    brute_kms_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_lambda_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_lexmodels_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  LexRuntimeService #no functions
+    brute_lightsail_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_cloudwatchlogs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_machinelearning_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  marketplace-entitlement no functions
+    #  marketplacecommerceanalytics no functions
+    #  MediaConvert
+    #  MediaLive
+    #  MediaPackage
+    #  MediaStore
+    #  MediaStore-Data
+    #  MarketplaceMetering no functions
+    #  MigrationHub
+    #  Mobile
+    #  MQ
+    brute_mturk_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_opsworks_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_opsworkscm_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_organizations_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  PinPoint no functions
+    brute_polly_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  Pricing
+    brute_rds_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_redshift_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_rekognition_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  ResourceGroups
+    brute_resourcegroupstaggingapi_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_route53_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_route53domains_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_s3_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  SageMaker
+    #  SageMakerRuntime
+    brute_sdb_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  ServerlessApplicationRepository
+    brute_servicecatalog_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  ServiceDiscovery
+    brute_ses_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_shield_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_sms_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_snowball_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_sns_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    brute_sqs_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  SSM
+    brute_stepfunctions_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  StorageGateway
+    brute_sts_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  Support
+    #  SWF
+    #  TranscribeService
+    #  Translate
+    #  WAF
+    #  WAFRegional
+    #  WorkDocs
+    #  WorkMail
+    brute_workspaces_permissions(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+    #  XRay no functions
+
+#  S3 bucket's while we are here...
+    get_s3objects_for_account(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/route53.py
+++ b/modules/route53.py
@@ -0,0 +1,10 @@
+'''
+route53 functions
+'''
+from  libs.route53 import *
+
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_route53_list_geolocations():
+	list_geolocations(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/sqs.py
+++ b/modules/sqs.py
@@ -0,0 +1,9 @@
+'''
+SQS
+'''
+from libs.sqs import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_sqs_list_queues():
+	sqs_list_queues(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
--- a/modules/sts.py
+++ b/modules/sts.py
@@ -0,0 +1,12 @@
+'''
+This file is used to perform some EMR actions
+'''
+from libs.sts import *
+from config import AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
+
+
+def step_sts_get_accountid():
+    get_accountid(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)
+
+def step_sts_get_accountidall():
+    get_accountid_all(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY)