AWS tools

AWS CLI can be installed on Windows (64 bit), Linux (both x86 and ARM processors), macOS, and inside a Docker container.

  • AWS Inspector: A customized security solution for AWS which can be used as a basic minimum or preliminary testing tool.

  • AWSGoat: A vulnerable by design infrastructure on AWS featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS.

  • CloudGoat: Stand up vulnerable AWS resources as a target for PACU.

  • GrayHat Warfare: for finding vulnerable S3 Buckets.

  • PACU: Open-source AWS exploitation framework based on python.

  • S3Scanner: An open-source tool to scan S3 buckets for misconfigurations and dump their data.

  • Gobuster can be used to enumerate Amazon S3 buckets; virtual hostnames for web servers; and DNS entries using fuzzing, filters, and different protocols and HTTP methods.