Skip to content
/ cs-suite Public
forked from SecurityFTW/cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS & GCP infrastructure.

License

GPL-3.0 license
1 star 216 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Halbachb/cs-suite

BranchesTags
 
 

Repository files navigation

Cloud Security Suite (cs-suite) - Version 2.0

Pre-requisites for Manual setup

  • OS - MacOS or Linux
  • Python 2.7
  • pip
  • git
  • gcc (for sshpass installation (OS Audit). Not a mandatory pre-requisite)
  • AWS Audit - AWS ReadOnly Keys
  • GCP Audit - gcloud setup

Installation

git clone https://github.com/SecurityFTW/cs-suite.git
cd cs-suite/
sudo python setup.py

Note - Generate a set of ReadOnly AWS keyswhich the tool will ask to finish the installation process. For GCP, setup google cloud SDK.

Running cs-suite

To run AWS Audit - python cs.py -env aws
To run GCP Audit - python cs.py -env gcp -pId <project_name>

  • The final report will be available in reports directory

  • The final AWS Audit report looks like below:

AWS Audit report

  • The final GCP Audit report looks like below:

GCP Audit report

Docker Setup

  • Create a local directory aws with credentials and config files

  • The config file looks like below

$ cat aws/config

[default]
output = json
region = us-east-1
  • The credentials file looks like below
$ cat aws/credentials

[default]
aws_access_key_id = XXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXX

Note: This tool requires arn:aws:iam::aws:policy/ReadOnlyAccess IAM policy

  • Then run the follwing docker command to start
docker run -v `pwd`/aws:/root/.aws -v `pwd`/reports:/app/reports securityftw/cs-suite

For AWS

docker run -v `pwd`/aws:/root/.aws -v `pwd`/reports:/app/reports securityftw/cs-suite -env aws

Virtual Environment installation

(So you don't mess with the already installed python libraries)

  • pip install virtualenvwrapper
  • add it to the respective rc file of your shell (bashrc/zshrc) (for fish shell users check virtualfish)
  • echo "source /usr/local/bin/virtualenvwrapper.sh" >> ~/.bashrc
  • source the file source ~/.bashrc
  • cd cs-suite/
  • mkvirtualenv cssuite
  • workon cssuite
  • pip install -r requirements-virtual.txt
  • aws configure

Once installation is done, the tool will ask you for the AWS keys and region. These two are mandatory for the tool to work.

Documentation

https://securityftw.github.io

Thanks

About

Cloud Security Suite - One stop tool for auditing the security posture of AWS & GCP infrastructure.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 70.4%
  • Python 16.8%
  • HTML 8.2%
  • JavaScript 2.8%
  • PowerShell 0.9%
  • CSS 0.6%
  • Other 0.3%