Find Risky Security Groups Fast in AWS!

Introduction

Security Groups can help isolate networks. Finding gaps and exposure may be tedious, so I’ve created a script to help.


The What

This tool scans every rule in every Security Group quickly from the PowerShell command line.


Pre-requisites

How to install the AWS Tools for PowerShell is laid out in the AWS documentation here: How to install

Once done, you will need the following module:

Install-AWSToolsModule AWS.Tools.EC2

The script authenticates using named credential “profiles”, which are described in the documentation link above. Once you have a profile set up, you can run the script.

If you would only like to scan specific regions, uncomment and edit lines 33–34 of the script:


Running

Once you are up and running, download the script from GitHub here…

Run the script and enter the chosen profile name when prompted:

The script then scans through each region and lists every rule it finds.

If it finds exposed EC2 instances, it flags them:
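As an added example (my own PowerShell, not the script from the GitHub link above), the following does the same job end to end: it takes a profile name, scans every region, lists each inbound rule, marks those open to 0.0.0.0/0 or ::/0, and warns about instances with a public IP that use such a group. The parameter names $ProfileName and $Regions are my own choice; the cmdlets are the standard AWS.Tools.EC2 ones.

```powershell
# Added example, not the original post's script. Assumes AWS.Tools.Common and
# AWS.Tools.EC2 are installed and that $ProfileName names an existing profile.
param(
    [Parameter(Mandatory = $true)][string]$ProfileName,
    [string[]]$Regions              # empty = scan every region the account can see
)
Set-AWSCredential -ProfileName $ProfileName
if (-not $Regions) { $Regions = (Get-EC2Region -Region us-east-1).RegionName }

$worldOpen = @('0.0.0.0/0', '::/0')
$findings  = foreach ($region in $Regions) {
    foreach ($sg in (Get-EC2SecurityGroup -Region $region)) {
        foreach ($perm in $sg.IpPermissions) {
            # Collect IPv4 and IPv6 CIDR sources; rules whose source is another
            # security group or a prefix list have no CIDR and are skipped here.
            $sources = @($perm.Ipv4Ranges.CidrIp) + @($perm.Ipv6Ranges.CidrIpv6) |
                Where-Object { $_ }
            foreach ($cidr in $sources) {
                [pscustomobject]@{
                    Region    = $region
                    GroupId   = $sg.GroupId
                    GroupName = $sg.GroupName
                    Protocol  = $perm.IpProtocol      # '-1' means every protocol
                    FromPort  = $perm.FromPort
                    ToPort    = $perm.ToPort
                    Source    = $cidr
                    WorldOpen = ($cidr -in $worldOpen)
                }
            }
        }
    }
}
$findings | Sort-Object Region, GroupId | Format-Table -AutoSize

# An open rule only matters if something reachable sits behind it: flag running
# instances that use a world-open group and actually have a public address.
$riskyGroups = $findings | Where-Object WorldOpen | Select-Object Region, GroupId -Unique
foreach ($g in $riskyGroups) {
    $filter    = @{ Name = 'instance.group-id'; Values = $g.GroupId }
    $instances = (Get-EC2Instance -Region $g.Region -Filter $filter).Instances
    foreach ($i in ($instances | Where-Object PublicIpAddress)) {
        Write-Warning ("{0}: instance {1} ({2}) is reachable from the internet via {3}" -f `
            $g.Region, $i.InstanceId, $i.PublicIpAddress, $g.GroupId)
    }
}
```

Save it as a .ps1 file and run it with -ProfileName set to one of your configured profiles; pass -Regions to limit the scan, as the post does with lines 33–34.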
