dash/weirdAAL

Go to file

carnal0wnage 0ea40aea05 brute minor update and iam updates

2018-04-13 14:01:25 -04:00

brute minor update and iam updates

2018-04-13 14:01:25 -04:00

brute minor update and iam updates

2018-04-13 14:01:25 -04:00

.gitignore

Update .gitignore

2018-02-11 17:57:04 -05:00

config.py

need to go ahead and maybe add this file as a gitignore or something

2018-01-10 11:25:59 -05:00

create_dbs.py

initital db code

2018-04-04 22:12:32 -04:00

logging_list_monitoring_configuration.py

believe the last of the print issues should be fixed

2018-04-06 11:11:50 -10:00

README.md

Update README.md

2017-06-21 13:51:41 -04:00

recon_find_all_permissions.py

pep8 fixes

2018-04-05 16:21:01 -04:00

requirements.txt

I have frozen the requirements file so that versions are super specific to what I am using here in development

2017-11-02 21:28:12 -04:00

s3_list_bucket_contents_fromfile.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

s3_list_bucket_contents.py

I have decided to temporarily just fix all the print statements since it did not take long with some atom/regex fu

2018-04-05 18:59:00 -10:00

s3_list_buckets_and_contents.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

s3_list_buckets_for_acct.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

target.txt

fixed indentation and print errors

2018-04-06 13:02:53 -10:00

test_insert.py

more db stuff, log recon results to db

2018-04-05 15:40:02 -04:00

test.txt

Add files via upload

2017-05-31 11:14:56 -04:00

weirdAAL.py

so now we can load modules dynamically. Also, the tutorials for python seem insane. Why was this simple answer not the first to pop. Ugh.

2018-04-12 23:58:20 -04:00

README.md

Weird AAL

Weird AWS Attack Library (AAL)

Examples

IAM

iam_pwn.py -- given a ROOT or account with IAM access manipulate user access keys, MFA, console passwords or create a backdoor user

S3 Examples

s3_list_bucket_contents.py -- list the contents of a single bucket
s3_list_bucket_contents_fromfile.py --list the contents of a bucket from a list of buckets
s3_list_buckets_for_acct.py -- show s3 buckets available to a particular key
s3_list_buckets_and_contents.py -- list buckets AND contents (first 100) for a key

EC2

ec2_review_encrypted_volumes.py -- review ec2 instances for encryption status -write out unencrypted ones to file (port of https://gist.github.com/cktricky/0fa3b13ca4306bcd1ec384e88eac3f55)