aws_recon 0.2.13 → 0.2.18
- checksums.yaml +4 -4
- data/.github/workflows/docker-build.yml +1 -1
- data/lib/aws_recon.rb +3 -0
- data/lib/aws_recon/collectors/cloudtrail.rb +1 -0
- data/lib/aws_recon/collectors/ec2.rb +19 -0
- data/lib/aws_recon/collectors/lambda.rb +4 -0
- data/lib/aws_recon/collectors/s3.rb +7 -1
- data/lib/aws_recon/collectors/sns.rb +2 -0
- data/lib/aws_recon/collectors/sqs.rb +1 -1
- data/lib/aws_recon/collectors/ssm.rb +1 -1
- data/lib/aws_recon/lib/patch.rb +10 -0
- data/lib/aws_recon/version.rb +1 -1
- data/readme.md +3 -2
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: eda49a53171d4ca65cdead1238f92429a594e80a644a199eb5bbcccc13514671
|
4
|
+
data.tar.gz: 1fa1d7b45fe39c8ef90f49e31bebbf7a5c5569b524fc9a5aa0bfe08262d760fa
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b68650f9efd7f4a522b5aa6240ddaba6d31837634b5d897361838fb17abab065fb756f8d5e9cd94480980fefdfd89317fabbcf1245add3e8fda83a2e5ccf259c
|
7
|
+
data.tar.gz: 85a2604470ec75b83cb82ad2829411fa6927183cba241a6fb72ed409c0ee277443101f999cf883620d056ee90d13edbb3e84787e1e37dde415670a9ff196bdb0
|
data/lib/aws_recon.rb
CHANGED
@@ -21,6 +21,7 @@ class CloudTrail < Mapper
|
|
21
21
|
struct = OpenStruct.new(trail.to_h)
|
22
22
|
struct.tags = client.list_tags({ resource_id_list: [trail.trail_arn] }).resource_tag_list.first.tags_list
|
23
23
|
struct.type = 'cloud_trail'
|
24
|
+
struct.event_selectors = client.get_event_selectors({ trail_name: trail.name }).to_h
|
24
25
|
struct.status = client.get_trail_status({ name: trail.name }).to_h
|
25
26
|
struct.arn = trail.trail_arn
|
26
27
|
|
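Review bot: The new `get_event_selectors` call identifies the trail by `trail.name`, but the CloudTrail API documents that a shadow trail (a trail whose home region differs from the region being queried) must be addressed by ARN, so on a multi-region account this line can fail for trails that `describe_trails` still returns. Since `trail.trail_arn` is already available two lines down, `client.get_event_selectors({ trail_name: trail.trail_arn }).to_h` avoids the ambiguity; the pre-existing `get_trail_status({ name: trail.name })` call has the same exposure, as far as I can tell. The enclosing loop starts before this hunk, so I cannot see whether errors from these calls are rescued anywhere.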
@@ -175,6 +175,21 @@ class EC2 < Mapper
|
|
175
175
|
end
|
176
176
|
end
|
177
177
|
|
178
|
+
#
|
179
|
+
# describe_internet_gateways
|
180
|
+
#
|
181
|
+
@client.describe_internet_gateways.each_with_index do |response, page|
|
182
|
+
log(response.context.operation_name, page)
|
183
|
+
|
184
|
+
response.internet_gateways.each do |gateway|
|
185
|
+
struct = OpenStruct.new(gateway.to_h)
|
186
|
+
struct.type = 'internet_gateway'
|
187
|
+
struct.arn = gateway.internet_gateway_id # no true ARN
|
188
|
+
|
189
|
+
resources.push(struct.to_h)
|
190
|
+
end
|
191
|
+
end
|
192
|
+
|
178
193
|
#
|
179
194
|
# describe_route_tables
|
180
195
|
#
|
@@ -215,6 +230,10 @@ class EC2 < Mapper
|
|
215
230
|
struct = OpenStruct.new(snapshot.to_h)
|
216
231
|
struct.type = 'snapshot'
|
217
232
|
struct.arn = snapshot.snapshot_id # no true ARN
|
233
|
+
struct.create_volume_permissions = @client.describe_snapshot_attribute({
|
234
|
+
attribute: 'createVolumePermission',
|
235
|
+
snapshot_id: snapshot.snapshot_id
|
236
|
+
}).create_volume_permissions.map(&:to_h)
|
218
237
|
|
219
238
|
resources.push(struct.to_h)
|
220
239
|
end
|
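Review bot: The added `describe_snapshot_attribute` call is made for every snapshot with no error handling, and EC2 only answers that call for snapshots the account owns; if the `describe_snapshots` call (outside this hunk) is not restricted with `owner_ids: ['self']`, a shared or public snapshot in the results would, I believe, raise and abort the whole EC2 collector rather than skip one record. The Lambda collector in this same release rescues the per-resource lookup and logs it; the same pattern fits here, e.g. wrapping the lookup in `begin ... rescue Aws::EC2::Errors::ServiceError => e; log_error(e.code); end` so one bad snapshot does not lose the rest of the inventory. It would also help to note in a comment that a `group: 'all'` entry in `create_volume_permissions` marks a publicly shared snapshot, since that is the security signal this field is collected for.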
@@ -12,7 +12,11 @@ class Lambda < Mapper
|
|
12
12
|
struct = OpenStruct.new(function)
|
13
13
|
struct.type = 'function'
|
14
14
|
struct.arn = function.function_arn
|
15
|
+
struct.policy = @client.get_policy({ function_name: function.function_name }).policy.parse_policy
|
15
16
|
|
17
|
+
rescue Aws::Lambda::Errors::ResourceNotFoundException => e
|
18
|
+
log_error(e.code)
|
19
|
+
ensure
|
16
20
|
resources.push(struct.to_h)
|
17
21
|
end
|
18
22
|
end
|
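Review bot: In the `rescue Aws::Lambda::Errors::ResourceNotFoundException` branch the record is still pushed by `ensure`, but `struct.policy` is never assigned, so a function with no resource policy produces a hash with no `policy` key at all while every other function has one; downstream consumers cannot tell "no policy" from "not collected". Setting `struct.policy = nil` in the rescue branch (or initialising it before the call) keeps the record shape uniform, and `log_error("#{e.code}: #{function.function_name}")` would make the log actionable, since `e.code` alone does not say which function was affected. `parse_policy` comes from the new `lib/patch.rb`, which is not shown in this diff, so I cannot see what it rescues. The enclosing block and its `do` start before this hunk.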
@@ -29,16 +29,20 @@ class S3 < Mapper
|
|
29
29
|
# to create a bucket, you must set the location_constraint
|
30
30
|
# bucket parameter to the same region. (https://docs.aws.amazon.com/general/latest/gr/s3.html)
|
31
31
|
client = if location.empty?
|
32
|
+
struct.location = 'us-east-1'
|
32
33
|
@client
|
33
34
|
else
|
35
|
+
struct.location = location
|
34
36
|
Aws::S3::Client.new({ region: location })
|
35
37
|
end
|
36
38
|
|
37
39
|
operations = [
|
38
40
|
{ func: 'get_bucket_acl', key: 'acl', field: nil },
|
39
41
|
{ func: 'get_bucket_encryption', key: 'encryption', field: 'server_side_encryption_configuration' },
|
42
|
+
{ func: 'get_bucket_replication', key: 'replication', field: 'replication_configuration' },
|
40
43
|
{ func: 'get_bucket_policy', key: 'policy', field: 'policy' },
|
41
44
|
{ func: 'get_bucket_policy_status', key: 'public', field: 'policy_status' },
|
45
|
+
{ func: 'get_public_access_block', key: 'public_access_block', field: 'public_access_block_configuration' },
|
42
46
|
{ func: 'get_bucket_tagging', key: 'tagging', field: nil },
|
43
47
|
{ func: 'get_bucket_logging', key: 'logging', field: 'logging_enabled' },
|
44
48
|
{ func: 'get_bucket_versioning', key: 'versioning', field: nil },
|
@@ -51,7 +55,7 @@ class S3 < Mapper
|
|
51
55
|
resp = client.send(op.func, { bucket: bucket.name })
|
52
56
|
|
53
57
|
struct[op.key] = if op.key == 'policy'
|
54
|
-
resp.policy.string
|
58
|
+
JSON.parse(CGI.unescape(resp.policy.string))
|
55
59
|
else
|
56
60
|
op.field ? resp.send(op.field).to_h : resp.to_h
|
57
61
|
end
|
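Review bot: The new `JSON.parse(CGI.unescape(resp.policy.string))` applies URL-decoding to a document that S3 returns as plain JSON (unlike IAM's GetPolicyVersion, GetBucketPolicy is not URL-encoded), so the unescape is not a no-op: every literal `+` becomes a space and any `%XX` sequence is decoded, silently rewriting principals or condition values that contain those characters (IAM user names may legitimately contain `+`). For a tool whose output feeds policy analysis, a mangled principal is a wrong answer rather than a crash. `JSON.parse(resp.policy.string)` is sufficient here; if some other source does return an encoded document, decode only that one. The surrounding `operations.each` block starts in the previous hunk, so I cannot see whether a `JSON::ParserError` here is rescued.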
@@ -77,6 +81,8 @@ class S3 < Mapper
|
|
77
81
|
NoSuchBucketPolicy
|
78
82
|
NoSuchTagSet
|
79
83
|
NoSuchWebsiteConfiguration
|
84
|
+
ReplicationConfigurationNotFoundError
|
85
|
+
NoSuchPublicAccessBlockConfiguration
|
80
86
|
]
|
81
87
|
end
|
82
88
|
end
|
@@ -18,6 +18,8 @@ class SNS < Mapper
|
|
18
18
|
struct = OpenStruct.new(@client.get_topic_attributes({ topic_arn: topic.topic_arn }).attributes.to_h)
|
19
19
|
struct.type = 'topic'
|
20
20
|
struct.arn = topic.topic_arn
|
21
|
+
struct.policy = JSON.parse(CGI.unescape(struct.Policy))
|
22
|
+
struct.effective_delivery_policy = JSON.parse(CGI.unescape(struct.EffectiveDeliveryPolicy))
|
21
23
|
struct.subscriptions = []
|
22
24
|
|
23
25
|
# list_subscriptions_by_topic
|
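Review bot: Both new lines run `CGI.unescape` over topic attributes that SNS returns as plain JSON, so a `+` or `%XX` inside the policy document (for example in a principal ARN) is silently rewritten before parsing; `JSON.parse(struct.Policy)` and `JSON.parse(struct.EffectiveDeliveryPolicy)` give the document as the service returned it. If either attribute is ever absent from `get_topic_attributes`, `CGI.unescape(nil)` raises `TypeError` and aborts the collector for the whole region; a guard such as `struct.policy = JSON.parse(struct.Policy) if struct.Policy` costs nothing. The enclosing `each` block starts before this hunk.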
@@ -18,7 +18,7 @@ class SQS < Mapper
|
|
18
18
|
struct = OpenStruct.new(@client.get_queue_attributes({ queue_url: queue, attribute_names: ['All'] }).attributes.to_h)
|
19
19
|
struct.type = 'queue'
|
20
20
|
struct.arn = struct.QueueArn
|
21
|
-
struct.
|
21
|
+
struct.policy = JSON.parse(CGI.unescape(struct.Policy))
|
22
22
|
|
23
23
|
resources.push(struct.to_h)
|
24
24
|
end
|
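Review bot: `struct.policy = JSON.parse(CGI.unescape(struct.Policy))` assumes every queue carries a `Policy` attribute, but SQS omits that attribute from `get_queue_attributes` when the queue has no resource policy (as far as I recall), so `struct.Policy` is `nil`, `CGI.unescape(nil)` raises `TypeError`, and the first policy-less queue aborts the whole SQS collector. `struct.policy = JSON.parse(struct.Policy) if struct.Policy` handles the common case and also drops the URL-decoding, which SQS policy JSON does not need and which turns literal `+` into a space. The enclosing `each` block starts before this hunk.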
@@ -30,7 +30,7 @@ class SSM < Mapper
|
|
30
30
|
struct = OpenStruct.new(parameter.to_h)
|
31
31
|
struct.string_type = parameter.type
|
32
32
|
struct.type = 'parameter'
|
33
|
-
struct.arn = "arn:aws:#{@service}:#{@region}::parameter
|
33
|
+
struct.arn = "arn:aws:#{@service}:#{@region}::parameter:#{parameter.name}"
|
34
34
|
|
35
35
|
resources.push(struct.to_h)
|
36
36
|
end
|
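Review bot: The rebuilt `struct.arn` does not match the real SSM parameter ARN format, which is `arn:aws:ssm:REGION:ACCOUNT:parameter/NAME` — the separator after `parameter` is `/`, not `:`, and the account field here is left empty — so anyone correlating this output with IAM policy resources or CloudTrail events will never get a match. If the mapper exposes the account id, `"arn:aws:#{@service}:#{@region}:#{@account}:parameter#{parameter.name.start_with?('/') ? parameter.name : "/#{parameter.name}"}"` reproduces the documented form for both hierarchical and flat names (I cannot see from this hunk whether such an instance variable exists). If it does not, mark the line `# no true ARN` as the EC2 collector does, so consumers do not treat the value as a real ARN.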
data/lib/aws_recon/version.rb
CHANGED
data/readme.md
CHANGED
@@ -1,5 +1,5 @@
|
|
1
|
-
![smoke-test](https://github.com/darkbitio/aws-recon/
|
2
|
-
[![Gem Version](https://badge.fury.io/rb/aws_recon.svg)](https://
|
1
|
+
[![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/darkbitio/aws-recon/smoke-test/main)](https://github.com/darkbitio/aws-recon/actions?query=branch%3Amain)
|
2
|
+
[![Gem Version](https://badge.fury.io/rb/aws_recon.svg)](https://rubygems.org/gems/aws_recon)
|
3
3
|
|
4
4
|
# AWS Recon
|
5
5
|
|
@@ -222,6 +222,7 @@ Current "coverage" by service is listed below. The services without coverage wil
|
|
222
222
|
|
223
223
|
AWS Recon aims to collect all resources and metadata that are relevant in determining the security posture of your AWS account(s). However, it does not actually examine the resources for security posture - that is the job of other tools that take the output of AWS Recon as input.
|
224
224
|
|
225
|
+
- [x] AccessAnalyzer
|
225
226
|
- [x] AdvancedShield
|
226
227
|
- [x] Athena
|
227
228
|
- [x] GuardDuty
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws_recon
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.18
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Josh Larsen
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2020-11-
|
12
|
+
date: 2020-11-25 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: aws-sdk
|
@@ -235,6 +235,7 @@ files:
|
|
235
235
|
- lib/aws_recon/collectors/xray.rb
|
236
236
|
- lib/aws_recon/lib/formatter.rb
|
237
237
|
- lib/aws_recon/lib/mapper.rb
|
238
|
+
- lib/aws_recon/lib/patch.rb
|
238
239
|
- lib/aws_recon/options.rb
|
239
240
|
- lib/aws_recon/services.yaml
|
240
241
|
- lib/aws_recon/version.rb
|