dash/weirdAAL

Go to file

Chris Gates 97ac1425ea Merge pull request #34 from carnal0wnage/global_variables

global vars for db_name and target

2018-04-21 15:07:30 -04:00

global vars for db_name and target

2018-04-21 14:15:35 -04:00

add the loot and screenshot folders

2018-04-20 22:17:29 -04:00

global vars for db_name and target

2018-04-21 14:15:35 -04:00

add the loot and screenshot folders

2018-04-20 22:17:29 -04:00

.gitignore

Update .gitignore

2018-04-20 22:10:33 -04:00

create_dbs.py

global vars for db_name and target

2018-04-21 14:15:35 -04:00

env.sample

this will give people some basic idea of using the dotenv file

2018-04-19 11:45:26 -04:00

logging_list_monitoring_configuration.py

believe the last of the print issues should be fixed

2018-04-06 11:11:50 -10:00

README.md

this will give people some basic idea of using the dotenv file

2018-04-19 11:45:26 -04:00

recon_find_all_permissions.py

pep8 fixes

2018-04-05 16:21:01 -04:00

requirements.txt

updated requirements text file

2018-04-19 22:09:41 -04:00

s3_list_bucket_contents_fromfile.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

s3_list_bucket_contents.py

I have decided to temporarily just fix all the print statements since it did not take long with some atom/regex fu

2018-04-05 18:59:00 -10:00

s3_list_buckets_and_contents.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

s3_list_buckets_for_acct.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

target.txt

fixed indentation and print errors

2018-04-06 13:02:53 -10:00

test_insert.py

global vars for db_name and target

2018-04-21 14:15:35 -04:00

test.txt

Add files via upload

2017-05-31 11:14:56 -04:00

weirdAAL.py

whoops, typo

2018-04-21 14:18:10 -04:00

README.md

Weird AAL

Weird AWS Attack Library (AAL)

Credentials

You will want to copy the env.sample file over to a .env file in your weirdAAL directory. Then place the relevant keys where applicable. Example:

weirdAAL$ cp env.sample .env

Examples

IAM

iam_pwn.py -- given a ROOT or account with IAM access manipulate user access keys, MFA, console passwords or create a backdoor user

S3 Examples

s3_list_bucket_contents.py -- list the contents of a single bucket
s3_list_bucket_contents_fromfile.py --list the contents of a bucket from a list of buckets
s3_list_buckets_for_acct.py -- show s3 buckets available to a particular key
s3_list_buckets_and_contents.py -- list buckets AND contents (first 100) for a key

EC2

ec2_review_encrypted_volumes.py -- review ec2 instances for encryption status -write out unencrypted ones to file (port of https://gist.github.com/cktricky/0fa3b13ca4306bcd1ec384e88eac3f55)