aws_recon 0.2.11 → 0.2.16
- checksums.yaml +4 -4
- data/.github/workflows/docker-build.yml +38 -0
- data/.github/workflows/smoke-test.yml +23 -0
- data/Dockerfile +2 -1
- data/lib/aws_recon/collectors/accessanalyzer.rb +24 -0
- data/lib/aws_recon/collectors/cloudtrail.rb +1 -0
- data/lib/aws_recon/collectors/ec2.rb +12 -0
- data/lib/aws_recon/services.yaml +2 -0
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +2 -0
- metadata +5 -2
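--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: af7cd78c7eed6c8f3c0679561e0c8831f5839545daa75b3579c670ad5ed342b5
+data.tar.gz: 8eae0b3544a30f71e8fea38a00326bb4b40cd44bdfc38bf6e4f330fe2c96b7e0
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 746f85c95fa41ed06b63a95f16196d8fb04be14627d6121813f5ba0eefd4c5920f6ad3dc664ffb59e0d06fe6ce09232789aea81cf6dad73a96ea32272e66724e
+data.tar.gz: 22a3823f86304c6dd28ec9ff02c78f1142571b53263ea055543fe353d95226856fef00e64975a5fd856b0f462bc60bf8206bd6f09ae034c32fa71608396a59e4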
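--- /dev/null
+++ b/data/.github/workflows/docker-build.yml
@@ -0,0 +1,38 @@
+name: docker-build
+
+on:
+push:
+branches: build
+paths:
+- 'lib/aws_recon/version.rb'
+
+jobs:
+docker-build:
+runs-on: ubuntu-20.04
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+with:
+fetch-depth: 1
+- name: Set up QEMU
+uses: docker/setup-qemu-action@v1
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v1
+- name: Login to DockerHub
+uses: docker/login-action@v1
+with:
+username: ${{ secrets.DOCKERHUB_USERNAME }}
+password: ${{ secrets.DOCKERHUB_TOKEN }}
+- name: Set version tag
+run: |
+echo "VERSION_TAG=$(grep VERSION lib/aws_recon/version.rb | awk -F\" '{print $2}')" >> $GITHUB_ENV
+- name: Build and push
+id: docker_build
+uses: docker/build-push-action@v2
+with:
+push: true
+build-args: |
+VERSION=${{ env.VERSION_TAG }}
+tags: |
+darkbitio/aws_recon:${{ env.VERSION_TAG }}
+darkbitio/aws_recon:latest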
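Review bot: Every `uses:` line in this job references its action by a mutable tag (`actions/checkout@v2`, `docker/setup-qemu-action@v1`, `docker/setup-buildx-action@v1`, `docker/login-action@v1`, `docker/build-push-action@v2`), and the same job receives `secrets.DOCKERHUB_TOKEN` and pushes `darkbitio/aws_recon:latest`. A moved tag upstream would therefore run with publish rights to the image; pinning each action to a full commit SHA, written as `uses: docker/login-action@<full-commit-sha>  # v1`, removes that dependency on the tag. The same applies to `actions/checkout@v2` in smoke-test.yml. Separately, the `Set version tag` step writes whatever `grep VERSION` matches into `$GITHUB_ENV`, so a second matching line in `version.rb` would be read as an additional variable; `grep -m1 VERSION` and a quoted `"$GITHUB_ENV"` keep it to one value.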
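--- /dev/null
+++ b/data/.github/workflows/smoke-test.yml
@@ -0,0 +1,23 @@
+name: smoke-test
+
+on:
+push:
+branches: main
+
+jobs:
+smoke-test:
+runs-on: ubuntu-20.04
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+with:
+fetch-depth: 1
+- name: Set version tag
+run: |
+echo "VERSION_TAG=$(grep VERSION lib/aws_recon/version.rb | awk -F\" '{print $2}')" >> $GITHUB_ENV
+- name: Smoke Test :${{ env.VERSION_TAG }}
+run: |
+docker run -t --rm darkbitio/aws_recon:${{ env.VERSION_TAG }} aws_recon
+- name: Smoke Test :latest
+run: |
+docker run -t --rm darkbitio/aws_recon:latest aws_recon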
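Review bot: Both `docker run` steps pull `darkbitio/aws_recon` from the registry, so the job exercises an already published image rather than the commit that was pushed to `main`; a regression in the checked-out code cannot fail it. The image for `:${{ env.VERSION_TAG }}` is produced by docker-build.yml, which triggers on the `build` branch, so this step presumably fails or tests a stale image whenever `main` moves first. Running `aws_recon` with no arguments also only shows that the entrypoint starts. A comment at the top of the file stating that intent would help, for example `# Verifies the published image starts; does not test the code in this commit`.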
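--- a/data/Dockerfile
+++ b/data/Dockerfile
@@ -3,9 +3,10 @@ FROM ruby:${RUBY_VERSION}-alpine
 
 LABEL maintainer="Darkbit <info@darkbit.io>"
 
+# Supply AWS Recon version at build time
+ARG VERSION
 ARG USER=recon
 ARG GEM=aws_recon
-ARG VERSION=0.2.10
 ARG BUNDLER_VERSION=2.1.4
 
 # Install new Bundler version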
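Review bot: `ARG VERSION` now has no default, so a build without `--build-arg VERSION=...` proceeds with an empty value. The instruction that consumes `${VERSION}` is outside this hunk; if it is a versioned gem install, an empty value would either break the build late or silently install whatever release is newest, which makes the image contents depend on build time. Failing fast right after the declaration keeps that explicit, e.g. `RUN test -n "$VERSION"`. The comment could also say the argument is required: `# AWS Recon version to install; required, pass with --build-arg VERSION=<version>`.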
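--- /dev/null
+++ b/data/lib/aws_recon/collectors/accessanalyzer.rb
@@ -0,0 +1,24 @@
+class AccessAnalyzer < Mapper
+#
+# Returns an array of resources.
+#
+def collect
+resources = []
+
+#
+# list_analyzers
+#
+@client.list_analyzers.each_with_index do |response, page|
+log(response.context.operation_name, page)
+
+# analyzers
+response.analyzers.each do |analyzer|
+struct = OpenStruct.new(analyzer.to_h)
+struct.type = 'analyzer'
+resources.push(struct.to_h)
+end
+end
+
+resources
+end
+end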
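Review bot: The doc comment above `collect` says only `# Returns an array of resources.`, which does not tell a reader what this collector covers. The body records one hash per analyzer from `list_analyzers` with `type` set to `'analyzer'`, and nothing about the findings those analyzers produce, so the output shows whether Access Analyzer is configured but not what it reported. I would spell that out: `# Collects Access Analyzer analyzers via list_analyzers (one hash per analyzer, type 'analyzer'). Findings are not collected.` How a denied or unsupported call is handled depends on `Mapper`, which is not part of this file.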
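--- a/data/lib/aws_recon/collectors/cloudtrail.rb
+++ b/data/lib/aws_recon/collectors/cloudtrail.rb
@@ -21,6 +21,7 @@ class CloudTrail < Mapper
 struct = OpenStruct.new(trail.to_h)
 struct.tags = client.list_tags({ resource_id_list: [trail.trail_arn] }).resource_tag_list.first.tags_list
 struct.type = 'cloud_trail'
+struct.event_selectors = client.get_event_selectors({ trail_name: trail.name }).to_h
 struct.status = client.get_trail_status({ name: trail.name }).to_h
 struct.arn = trail.trail_arn
 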
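Review bot: The added `get_event_selectors` call looks the trail up by `trail.name`, although the ARN is already used on the neighbouring lines (`trail.trail_arn`). If the trail list includes trails whose home region differs from the client's region, a lookup by bare name is likely to fail for them, and unless the caller rescues that outside this hunk the whole CloudTrail collection for the region stops. Passing the ARN avoids the ambiguity: `struct.event_selectors = client.get_event_selectors({ trail_name: trail.trail_arn }).to_h`. The existing `get_trail_status` line uses the name in the same way, and the enclosing loop starts and ends outside the hunk.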
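--- a/data/lib/aws_recon/collectors/ec2.rb
+++ b/data/lib/aws_recon/collectors/ec2.rb
@@ -31,6 +31,18 @@ class EC2 < Mapper
 
 # regional calls
 if @region != 'global'
+#
+# get_ebs_encryption_by_default
+#
+@client.get_ebs_encryption_by_default.each do |response|
+log(response.context.operation_name)
+
+struct = OpenStruct.new(response.to_h)
+struct.type = 'ebs_encryption_settings'
+
+resources.push(struct.to_h)
+end
+
 #
 # describe_instances
 #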
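Review bot: The `ebs_encryption_settings` record pushed in the added block carries only the response hash and `type`; none of the added lines gives it a region or an `arn`, whereas the CloudTrail collector on this page sets `struct.arn`. The block runs once per non-global region and the setting is regional, so unless the Mapper attaches the region elsewhere (not visible in this hunk) a consumer cannot tell which region has default encryption turned off. Adding `struct.region = @region` before `resources.push(struct.to_h)` would make each record self-describing. The `if @region != 'global'` block continues past the end of the hunk.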
data/lib/aws_recon/services.yaml
CHANGED
data/lib/aws_recon/version.rb
CHANGED
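--- a/data/readme.md
+++ b/data/readme.md
@@ -1,3 +1,4 @@
+![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/darkbitio/aws-recon/smoke-test/main)
 [![Gem Version](https://badge.fury.io/rb/aws_recon.svg)](https://badge.fury.io/rb/aws_recon)
 
 # AWS Recon
@@ -221,6 +222,7 @@ Current "coverage" by service is listed below. The services without coverage wil
 
 AWS Recon aims to collect all resources and metadata that are relevant in determining the security posture of your AWS account(s). However, it does not actually examine the resources for security posture - that is the job of other tools that take the output of AWS Recon as input.
 
+- [x] AccessAnalyzer
 - [x] AdvancedShield
 - [x] Athena
 - [x] GuardDuty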
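--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws_recon
 version: !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.16
 platform: ruby
 authors:
 - Josh Larsen
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-11-
+date: 2020-11-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk
@@ -163,6 +163,8 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".github/stale.yml"
+- ".github/workflows/docker-build.yml"
+- ".github/workflows/smoke-test.yml"
 - ".gitignore"
 - ".rubocop.yml"
 - ".travis.yml"
@@ -178,6 +180,7 @@ files:
 - lib/aws_recon.rb
 - lib/aws_recon/aws_recon.rb
 - lib/aws_recon/collectors.rb
+- lib/aws_recon/collectors/accessanalyzer.rb
 - lib/aws_recon/collectors/acm.rb
 - lib/aws_recon/collectors/apigateway.rb
 - lib/aws_recon/collectors/apigatewayv2.rb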