awsrecon

command module

v0.0.21 Latest Latest Go to latest Published: Oct 9, 2023 License: MIT Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hupe1980/awsrecon

Links

Open Source Insights

README ¶

AWSrecon

AWSrecon is a tool for reconnaissance AWS cloud environments. It helps security professionals find possible vulnerabilities and exploitable attack paths in AWS cloud infrastructures.

Features

Enumerates internal/external endpoints as attacking starting point or for lateral movement
Mines secrets in envs, tags, stacks and more
Detects dangling dns entries (subdomain takeover)
Lists potentially mountable file systems
Lists iam policies that have the potential for privilege escalation or data exfiltration (coming soon)
Gives hints for further investigations
...

Installing

You can install the pre-compiled binary in several different ways

homebrew tap:

brew tap hupe1980/awsrecon
brew install awsrecon

scoop:

scoop bucket add awsrecon https://github.com/hupe1980/awsrecon-bucket.git
scoop install awsrecon

deb/rpm/apk:

Download the .deb, .rpm or .apk from the releases page and install them with the appropriate tools.

manually:

Download the pre-compiled binaries from the releases page and copy to the desired location.

How to use

Usage:
  awsrecon [command]

Available Commands:
  access-keys  Enumerate iam access-keys
  buckets      Enumerate s3 buckets
  completion   Generate the autocompletion script for the specified shell
  download-iam Download iam definitions
  endpoints    Enumerate endpoints
  envs         Enumerate environment variables
  filesystems  Enumerate filesystems
  functions    Enumerate lambda functions
  help         Help about any command
  instances    Enumerate ec2 instances
  logs         Enumerate cloudwatch logs
  principals   Enumerate iam principals
  records      Enumerate dns records
  repos        Enumerate codecommit repositories
  role-trusts  Enumerate iam role-trusts
  secrets      Enumerate secrets
  stacks       Enumerate cloudformation stacks
  tags         Enumerate tags

Flags:
  -h, --help                help for awsrecon
  -o, --output string       output filename
      --profile string      AWS profile
      --region strings      AWS regions (default all aws regions)
  -A, --user-agent string   user-agent to use (default "awsrecon")
  -v, --version             version for awsrecon

Use "awsrecon [command] --help" for more information about a command.

Available Commands

Name	Description
access-keys	Enumerate iam access-keys
buckets	Enumerate s3 buckets
endpoints	Enumerate endpoints
envs	Enumerate environment variables
filesystems	Enumerate filesystems
functions	Enumerate lambda functions
instances	Enumerate ec2 instances
logs	Enumerate cloudwatch logs
principals	Enumerate iam principals
records	Enumerate dns records
repos	Enumerate codecommit repos
role-trusts	Enumerate iam role-trusts
secrets	Enumerate secrets
stacks	Enumerate cloudformation stacks
tags	Enumerate tags

License

MIT

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
pkg
audit
audit/bucket
audit/cfn
audit/code
audit/git
audit/logmessage
audit/permission
audit/secret
audit/secret/scanner
audit/secret/scanner/aws
audit/secret/scanner/npm
audit/secret/scanner/privatekey
audit/secret/scanner/slack
audit/securitygroup
audit/takeover
buildspec
cloudformation
codecommit
common
config
iam
output
recon

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL