Threat Hunting Toolkit
Project description
botoplus
Cloud Security Posture Management (CSPM) is a crowded market space with all the Open-Source and Vendor offerings. Why do we need yet another set of Python Boto3 scripts?
Having written so much code over the years, it was time for a more extensible framework addressing common pitfalls.
- Identity Access Management
- Supported Artifact Collection
- API Call Exhaustion (Storage)
Enter the service, action, and result key to capture Amazon Web Services (AWS) data from that point in time view.
Reference: https://github.com/boto/botocore/tree/develop/botocore/data
Installation
Requirement
AWS Command Line Interface (AWS CLI) Version 2
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install
aws --version
https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
Deployment
pip install botoplus
Shell Completion
botoplus --install-completion
IAM Identity Center
Single Sign-On
$ botoplus login
Identity Store: portal
SSO Region: us-east-2
SSO Role: AWSAdministratorAccess
Authenticated!!
Pagination
Single Account - All Regions
$ botoplus account
AWS Service: ec2
AWS Action: describe_instances
Result Key: Reservations
Selected Account: AccountName
** 123456789012 {AccountName} **
- af-south-1
- eu-north-1
- ap-south-1
- eu-west-3
- eu-west-2
- eu-south-1
- eu-west-1
- ap-northeast-3
- ap-northeast-2
- me-south-1
- ap-northeast-1
- me-central-1
- sa-east-1
- ca-central-1
- ap-east-1
- ap-southeast-1
- ap-southeast-2
- ap-southeast-3
- eu-central-1
- us-east-1
- us-east-2
- us-west-1
- us-west-2
Single Region - All Accounts
$ botoplus paginator
AWS Service: ec2
AWS Action: describe_instances
Result Key: Reservations
Update Collection [y/N]: y
** 123456789011 {AccountName1} **
- us-east-2
** 123456789012 {AccountName2} **
- us-east-2
All Regions - All Accounts
$ botoplus paginators
AWS Service: ec2
AWS Action: describe_instances
Result Key: Reservations
** 123456789011 {AccountName1} **
- af-south-1
- eu-north-1
- ap-south-1
- eu-west-3
- eu-west-2
- eu-south-1
- eu-west-1
- ap-northeast-3
- ap-northeast-2
- me-south-1
- ap-northeast-1
- me-central-1
- sa-east-1
- ca-central-1
- ap-east-1
- ap-southeast-1
- ap-southeast-2
- ap-southeast-3
- eu-central-1
- us-east-1
- us-east-2
- us-west-1
- us-west-2
** 123456789012 {AccountName2} **
- af-south-1
- eu-north-1
- ap-south-1
- eu-west-3
- eu-west-2
- eu-south-1
- eu-west-1
- ap-northeast-3
- ap-northeast-2
- me-south-1
- ap-northeast-1
- me-central-1
- sa-east-1
- ca-central-1
- ap-east-1
- ap-southeast-1
- ap-southeast-2
- ap-southeast-3
- eu-central-1
- us-east-1
- us-east-2
- us-west-1
- us-west-2
Single Region - Single Account
$ botoplus region
AWS Service: ec2
AWS Action: describe_instances
Result Key: Reservations
Selected Account: AccountName
Selected Region: us-east-2 [y/N]: y
** 123456789012 {AccountName} **
- us-east-2
Validation
Items Checked
- AWS Account Alias
- AWS Account Number
- Selected Account
- Selected Region
- SSO Active Region
- SSO Active Role
- Update Collection
Development
Local Build
python setup.py install --user
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
botoplus-0.3.1.tar.gz
(10.1 kB
view hashes)
Built Distribution
botoplus-0.3.1-py3-none-any.whl
(12.8 kB
view hashes)