Skip to content

MillerMedia/awtest

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

52 Commits
cmd/awtest
cmd/awtest
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

AWTest

AWTest is a tool for pentesting found AWS credentials.

Features

  • Performs list operations on various AWS services to check permissions for AWS access key id / secret access key pairs.

Installation

Run the following command to install the latest version -

go install -v github.com/MillerMedia/awtest/cmd/awtest@latest
Brew 
brew tap MillerMedia/awtest
brew update
brew install awtest

Usage

Example command

If you are using the AWS CLI, you can run the command without flags to analyze the current active CLI profile.

awtest

Example command w/explicit keys

Use this to enter keys directly into the command.

awtest --aki=YourAccessKeyID --sak=YourSecretAccessKey

Example Output

[AWTest] [user-id] [info] AKIABCDEFGHIJKLMNO
[AWTest] [account-number] [info] 123456789012
[AWTest] [iam-arn] [info] arn:aws:iam::123456789012:user/exampleUser
[AWTest] [s3:ListBuckets] [info] Found S3 bucket: example-bucket-1
[AWTest] [s3:ListBuckets] [info] Found S3 bucket: example-bucket-2
[AWTest] [s3:ListBuckets] [info] Found S3 bucket: example-bucket-3
[AWTest] [ec2:DescribeInstances] [info] Found EC2 instance: i-0abcdef1234567890
[AWTest] [iam:ListUsers] [info] Found IAM user: exampleUser1
[AWTest] [iam:ListUsers] [info] Found IAM user: exampleUser2
[AWTest] [sns:ListTopics] [info] Found SNS topic: arn:aws:sns:us-east-1:123456789012:ExampleTopic1
[AWTest] [sns:ListTopics] [info] Found SNS topic: arn:aws:sns:us-east-1:123456789012:ExampleTopic2
[AWTest] [lambda:ListFunctions] [info] Found Lambda function: exampleFunction1
[AWTest] [lambda:ListFunctions] [info] Found Lambda function: exampleFunction2
[AWTest] [cloudwatch:DescribeAlarms] [info] Found CloudWatch alarm: exampleAlarm1
[AWTest] [cloudwatch:DescribeAlarms] [info] Found CloudWatch alarm: exampleAlarm2
[AWTest] [appsync:ListGraphqlApis] [info] Error: Access denied to this service.
[AWTest] [apigateway:RestApis] [info] Error: Access denied to this service.

Flags/Options

-access-key-id string
    AWS Access Key ID
-aki string
    Abbreviated AWS Access Key ID
-debug
    Enable debug mode
-region string
    AWS Region (default "us-west-2")
-sak string
    Abbreviated AWS Secret Access Key
-secret-access-key string
    AWS Secret Access Key

Contributing

I welcome contributions from the community! If you have any suggestions, bug reports, or ideas for improvement, feel free to open an issue or submit a pull request.

Support the project

If you find this project helpful and would like to support its development, please consider donating:

Buy me a coffee

License

This project is licensed under the MIT License.

About

Pentesting tool for AWS Credentials

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 4

Version 0.3.0 Latest
Aug 27, 2024
+ 3 releases

Packages

No packages published

Languages