AWS/lambdas - Lists the lambda functions in the account, including which one's have admin roles attached. Also gives you handy commands for downloading each function.
AWS/cloudformation - Lists the cloudformation stacks in the account. Generates loot file with stack details, stack parameters, and stack output - look for secrets.
AWS/ram - List all resources in this account that are shared with other accounts, or resources from other accounts that are shared with this account. Useful for cross-account attack paths.
AWS/tags - List all resources with tags, and all of the tags. This can be used similar to inventory as another method to identify what types of resources exist in an account.
Updated commands:
AWS/instances - Now checks all roles attached to instances to see if the role has administrative permissions
Other:
AWS - New multi profile support with an -all-profiles option --profiles-list option - new in 1.7.2 (Thanks @dbravo-bishopfox)
AWS - New services added to inventory - new in 1.7.1 (Thanks @wdahlenburg)
AWS - Added profile name to module output to help when using the new multi profile support
5525266: Merge remote-tracking branch 'origin/main' into seth-dev (sethsec-bf) #15
71e85c2: merged pr #8 into this branch and added the new for loop logic to cloudformation command (sethsec-bf) #15
9498d2d: first draft of a tags command (sethsec-bf) #15
45e548c: cleaned up tags command a bit (sethsec-bf) #15
7d8ebc2: first draft of lambda commandd (sethsec-bf) #15
8ce9a00: fixed bug in outbound-assumed-roles - missing add to wg counter (sethsec-bf) #15
40d7a3c: added loot to lambda command, added unique resource total for tags command, bumped version to 1.8.0 (sethsec-bf) #15
dadef38: updated lambda to include isAdmin check, fixed some bugs wtih all profiles, updated logrus so it could support one method calling another (sethsec-bf) #15
712ec9c: Added a check to confirm all profiles, but also added a way to override the confirmation so that it can be run non-interactively even in this mode (sethsec-bf) #8
8bfee76: Added error handling to multi profile mode for when a profile errors out. It would crash prorgram, but now it just skips the profile (sethsec-bf) #8
00317a5: Added profiles that are only in .aws/config to GetAllAWSProfiles(). Added check to avoid duplicates (sethsec-bf) #8
bb879c3: removed prerun-check from aws cobra command (sethsec-bf) #8
cc38c1f: updated error message to include profile (sethsec-bf) #8
467f6b4: fixed missing part of all-checks/inventory (sethsec-bf) #8
ee7c3c0: tried to use mock filesystem for tests, but still not working. TODO (sethsec-bf) #8
6123172: small bugfix from env-vars command (motikan2010) #14
4d4992d: update version for the 1.7.2 bug fix release (Seth Art)
v1.7.1
1 year ago
Summary
Added DynamoDB, Glue, SNS, and SQS to Inventory (thanks @wdahlenburg) (PR #4)
a342c4d: Fixed NextToken bug in getGlueDevEndpointsPerRegion (sethsec-bf) #4
a63c62d: added new permissions to cloudfox-policy.json (sethsec-bf) #4
79dbe13: using aws.ToString to avoid a potential nil pointer refernce bug if aws ever changes this API (sethsec-bf) #4
cd3a4be: Merge remote-tracking branch 'origin' into seth-dev (sethsec-bf) #6
91ad816: Update to cloudfox-policy.json Sid (Christian Frichot) #5
95d1fbc: Added concurrency to secrets. Added concurrency flag to all aws commands, only some of them use it so far though (sethsec-bf) #6
b3531fa: Merge remote-tracking branch 'origin' into seth-dev (sethsec-bf) #6
351a9cc: Added concurrency limit to rest of modules that use conncurency. fixed bug with env-vars not getting the new goroutines number from cli (sethsec-bf) #6
6aee478: disabled ram, fixed but added to ecr that messed up the concurrency counters (sethsec-bf) #6
89c6c0d: disabled ram, fixed but added to ecr that messed up the concurrency counters (sethsec-bf) #6