Go to file

Ken Johnson e7eb42eb87 Merge pull request #32 from carnal0wnage/env

this will give people some basic idea of using the dotenv file

2018-04-19 11:46:22 -04:00

libs

a bit more cleanup and docs

2018-04-18 23:02:18 -04:00

modules

changing from step to module

2018-04-19 11:12:56 -04:00

.gitignore

Update .gitignore

2018-04-18 21:53:51 -04:00

config.py

put config.py back for a bit because everything poops without it

2018-04-16 14:43:27 -04:00

create_dbs.py

updates

2018-04-18 20:51:53 -04:00

env.sample

this will give people some basic idea of using the dotenv file

2018-04-19 11:45:26 -04:00

logging_list_monitoring_configuration.py

believe the last of the print issues should be fixed

2018-04-06 11:11:50 -10:00

README.md

this will give people some basic idea of using the dotenv file

2018-04-19 11:45:26 -04:00

recon_find_all_permissions.py

pep8 fixes

2018-04-05 16:21:01 -04:00

requirements.txt

I have frozen the requirements file so that versions are super specific to what I am using here in development

2017-11-02 21:28:12 -04:00

s3_list_bucket_contents_fromfile.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

s3_list_bucket_contents.py

I have decided to temporarily just fix all the print statements since it did not take long with some atom/regex fu

2018-04-05 18:59:00 -10:00

s3_list_buckets_and_contents.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

s3_list_buckets_for_acct.py

refactor, tidy up, split out config

2017-07-24 14:35:17 -07:00

target.txt

fixed indentation and print errors

2018-04-06 13:02:53 -10:00

test_insert.py

stab at ec2 log sub_service to db

2018-04-18 21:49:59 -04:00

test.txt

Add files via upload

2017-05-31 11:14:56 -04:00

weirdAAL.py

removed this method

2018-04-19 11:31:16 -04:00

README.md

Weird AAL

Weird AWS Attack Library (AAL)

Credentials

You will want to copy the env.sample file over to a .env file in your weirdAAL directory. Then place the relevant keys where applicable. Example:

weirdAAL$ cp env.sample .env

Examples

IAM

iam_pwn.py -- given a ROOT or account with IAM access manipulate user access keys, MFA, console passwords or create a backdoor user

S3 Examples

s3_list_bucket_contents.py -- list the contents of a single bucket
s3_list_bucket_contents_fromfile.py --list the contents of a bucket from a list of buckets
s3_list_buckets_for_acct.py -- show s3 buckets available to a particular key
s3_list_buckets_and_contents.py -- list buckets AND contents (first 100) for a key

EC2

ec2_review_encrypted_volumes.py -- review ec2 instances for encryption status -write out unencrypted ones to file (port of https://gist.github.com/cktricky/0fa3b13ca4306bcd1ec384e88eac3f55)