AWS security tools

Image of Amazon logo with security tools text

Introduction

The time that people were reluctant to use cloud services, seems behind us. Amazon Web Services or AWS is one of the big players now when it comes to cloud computing services. With everything that is big, it won't take long for security-minded people to notice and do some poking at it. This category of tools is focused in particular on some of the services provided by AWS. There are configuration auditing tools to scan the nodes itself, while other tools specifically scan the storage (S3 buckets).

Usage

AWS security tools are typically used for configuration audit and storage security testing.

Users for these tools include pentesters, security professionals, system administrators.

Tools

Popular AWS security tools

AWSBucketDump (Amazon S3 bucket scanner)

configuration audit, discovery of sensitive information, security assessment

AWSBucketDump is a security tool to find interesting files in AWS S3 buckets that are part of Amazon cloud services. These storage containers may have interesting files, which a tool like AWSBucketDump can discover.

BuQuikker (find open AWS S3 buckets)

data leak detection, security assessment

BuQuikker is a security tool to scan the Amazon S3 storage service. Its goal is to find open and unprotected S3 buckets.

Bucket Finder (AWS S3 bucket finder)

data leak detection, penetration testing, security assessment

The Bucket Finder tool can be a helpful tool during penetration testing and security assessments. It helps with the discovery of S3 buckets on the Amazon AWS cloud.

CloudSploit scans (AWS account scanner)

IT audit, configuration audit, security assessment

CloudSploit scans is an open source software project to test security risks related to an AWS account. It runs tests against your Amazon account and aims to discover any potential misconfigured setting or other risks.

Prowler (AWS benchmark tool)

compliance testing, security assessment, system hardening

Prowler is a security tool to check systems on AWS against the related CIS benchmark. This benchmark provides a set of best practices for AWS. The primary usage for this tool is system hardening and compliance checking.

S3Scanner (AWS S3 bucket scanner)

information gathering, information leak detection, penetration testing, storage security testing

The aptly named S3Scanner is to be used to detect AWS S3 buckets. Discovered buckets are displayed, together with the related objects in the bucket.

Security Monkey (security monitoring tool)

security monitoring

Security Monkey monitors AWS and GCP accounts for policy changes and alerts on insecure configurations.

Teh S3 Bucketeers (AWS S3 bucket scanner)

penetration testing, security assessment, storage security testing

Tools like Teh S3 Bucketeers are valuable for doing reconnaissance and information gathering. They may be used during penetration tests and security assessments. The primary goal of these tools is to find S3 buckets that may lead to sensitive data stored on Amazon's storage service.

Zeus (AWS auditing and hardening tool)

configuration audit, security assessment, self-assessment, system hardening

Zeus is a tool to perform a quick security scan of an AWS environment. It helps to find missing security controls, so additional system hardening measures can be applied to systems.

inSp3ctor (AWS S3 bucket and object discovery)

penetration testing, security assessment, storage security testing

Like other S3 bucket scanners, inSp3ctor helps to find valid storage buckets on Amazon's AWS platform. This can be useful for security assignments like penetration testing or see what information is available about a company. Another option is using it to see if any private data is leaking.

s3-fuzzer (Amazon S3 bucket scanner)

configuration audit, discovery of sensitive information, security assessment

This fuzzing tool helps with discovering sensitive data in Amazon S3 buckets. S3 buckets are storage containers and may reveal data to unauthorized individuals. This tools helps with the discovery process.

Other related category: Amazon S3 bucket scanners

Missing a favorite tool in this list? Share a tool suggestion and we will review it.

Related topics

Looking for more specific topics within this tool group? Have a look at the following relevant topics.