Tool Link

https://github.com/shabarkin/aws-enumerator

Disclaimer

The tool is in beta stage (testing in progress), no destructive API Calls used ( read only actions ). I hope, there will be no issues with the tool. If any issues encountered, please submit the ticket.

Description

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.

AWS Enumerator supports more than 600 API Calls ( reading actions Get, List, Describe etc... ), and will be extended.

The tool provides interface for result analysis. All results are saved in json files (one time "Database").

Install

If you have Go installed and configured (i.e. with $GOPATH/bin in your $PATH):

go get -u github.com/shabarkin/aws-enumerator

Basic Usage

Credentials setup

To setup credentials, you should use cred subcommand and supply credentials:

./aws-enumerator cred -aws_region us-west-2 -aws_access_key_id AKIA***********XKU -aws_secret_access_key kIm6m********************5JPF

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/79476d30-2660-4074-aa83-a1a8b98d5553/Screenshot_2021-04-10_at_14.43.51.png

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/fb21e481-401a-4752-929d-d2757a60eb90/Screenshot_2021-04-10_at_14.45.51.png

It creates .env file, which is loaded to global variables each time you call enum subcommand.

WARNING: If you set these values AWS_REGION, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN in global variables manually before running the tool, it will not be able to load AWS Credentials specified in .env file ( It can't overwrite global variables ).