Skip to content

Updated rules #1650

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
AshikaBushan wants to merge 24 commits into
base: master
Choose a base branch
from
Open

Updated rules #1650

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
7ea3d19
Updated rules
AshikaBushan Jul 11, 2024
a1b37bd
Merge pull request #1 from TiiSysDev/aws-tweaks
TiiSysDev Jul 11, 2024
56ce271
Added powershel script to automate aws audit
AshikaBushan Jul 11, 2024
10cc870
Updated Docker configuration files
AshikaBushan Jul 22, 2024
92f3999
Added shell script to run scout against all accounts
AshikaBushan Jul 24, 2024
c60b6dc
Updated dockerfile
AshikaBushan Jul 24, 2024
24f03bb
Updated prereq to install aws cli in the container
AshikaBushan Jul 31, 2024
b26a6b1
Initial commit of GenerateSignedURL script and docker-compose file
AshikaBushan Aug 14, 2024
e88f61f
Updated path of run_scoutsuite_audit.sh
AshikaBushan Aug 14, 2024
c1e82fe
Corrections made to run scoutsuite script
AshikaBushan Aug 14, 2024
0cfb464
Updated the run scout suite script to restructure s3 bucket
AshikaBushan Aug 14, 2024
1d88c85
Dockerfile changes for building custom image
AshikaBushan Jan 6, 2025
efe1e44
Generate cookies script added
AshikaBushan Mar 26, 2025
f698952
README file updated with fork specific information including info on …
AshikaBushan Mar 26, 2025
35ff91f
Added automation script documentation
AshikaBushan Mar 26, 2025
855c8cc
Updated documentation to include potential key pair issues
AshikaBushan May 12, 2025
1eeb59a
Documentation changes and correction of file name
AshikaBushan May 12, 2025
21b0ffe
Made Docker Build file changes to add dependencies to the image inclu…
AshikaBushan May 14, 2025
9b7acd5
Script to run scoutsuite locally updated to send reports to s3
AshikaBushan May 21, 2025
e2c6abd
Dockerfile updates and corresponding documentation
AshikaBushan May 21, 2025
a4e5eb2
Updated iam-unused-credentials-not-disabled.json to exclude deleted/i…
AshikaBushan May 22, 2025
b349eaf
Code changes to fix unable to fetch cloudtrail trails and cache issue…
AshikaBushan May 26, 2025
fb1b164
Resolved conflicts in docker configuration files (.env, Dockerfile)
AshikaBushan May 30, 2025
87afdf9
Severity of checks changed to warning for managed policies related ch…
AshikaBushan Jun 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Updated iam-unused-credentials-not-disabled.json to exclude deleted/i… 
…nactive keys
  • Loading branch information
@AshikaBushan
AshikaBushan committed May 22, 2025
commit a4e5eb2e8380f5e2f25665da4f8c8e30ebb9e833
1 change: 1 addition & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ report-*
*.db
cloufront_config.json
cloudfront_config.template.json
tools/automation/config*

# IntelliJ files
.idea/
Expand Down
58 changes: 22 additions & 36 deletions ScoutSuite/providers/aws/rules/findings/iam-unused-credentials-not-disabled.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,19 +31,11 @@
""
],
[
"and",
"iam.credential_reports.id.password_last_used",
"olderThan",
[
"iam.credential_reports.id.password_last_used",
"notNull",
""
],
[
"iam.credential_reports.id.password_last_used",
"olderThan",
[
"_ARG_0_",
"days"
]
"_ARG_0_",
"days"
]
]
],
Expand All @@ -55,20 +47,17 @@
""
],
[
"and",
[
"iam.credential_reports.id.access_key_1_last_used_date",
"notNull",
""
],
"iam.credential_reports.id.access_key_1_last_used_date",
"olderThan",
[
"iam.credential_reports.id.access_key_1_last_used_date",
"olderThan",
[
"_ARG_0_",
"days"
]
"_ARG_0_",
"days"
]
],
[
"iam.credential_reports.id.access_key_1_last_used_date",
"notEqual",
"N/A"
]
],
[
Expand All @@ -79,20 +68,17 @@
""
],
[
"and",
"iam.credential_reports.id.access_key_2_last_used_date",
"olderThan",
[
"iam.credential_reports.id.access_key_2_last_used_date",
"notNull",
""
],
[
"iam.credential_reports.id.access_key_2_last_used_date",
"olderThan",
[
"_ARG_0_",
"days"
]
"_ARG_0_",
"days"
]
],
[
"iam.credential_reports.id.access_key_2_last_used_date",
"notEqual",
"N/A"
]
]
],
Expand Down
2 changes: 1 addition & 1 deletion docker/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@

2. Build AWS image:
```bash
./build.sh aws
docker build -t scoutsuitedockerimage -t latest -f Dockerfile-aws .
```

## Build Options
Expand Down
2 changes: 1 addition & 1 deletion tools/automation/scripts/RunScoutSuiteAWSAudit.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Define AWS account profiles
[string[]]$awsProfiles = @('management-account', 'public-sites', 'corporate-applications', 'public-sites') # Replace with the accounts you want to audit.
[string[]]$awsProfiles = @('management', 'publicsites', 'corporateapplications', 'publicsites') # Replace with the accounts you want to audit.

# Define directories
$tempResultsDirectory = "C:\Users\ashika.sreerambushan\source\repos\ScoutSuite\scoutsuite_reports"
Expand Down