This automation protect against subdomain takeover on AWS env which also send alerts on slack.

Related tags

Third-party APIs Wrappers AWS_Subdomain_Takeover_Detector
Overview

AWS_Subdomain_Takeover_Detector

Purpose

The purpose of this automation is to detect misconfigured Route53 entries which are vulnerable to subdomain takeover.

Deployment Options

  • AWS Lambda, Rundeck or any cron

Prerequisites

  • IAM role with a permission of route53("ListHostedZones", "ListResourceRecordSets", "ListDomains").

Configuration Steps

  • Configure IAM role with permission mention above in prerequisites.
  • Deploy it on any of the cron Lambda/rundeck.
  • In slack_alert() please put the incoming webhook url of slack channel.

Scans Amazon Route53 to identify:

  • Check alias records for CloudFront distributions with missing S3 origin, ElasticBeanstalk vulnerable aliaa record and S3 vulnerable Alias record.
  • Check CNAME records for CloudFront distributions with missing S3 origin, S3 vulnerable CNAME and ElasticBeanstalk vulnerable CNAME.
  • Check for NS subdomain takeover.

TODO

  • Slack Integration ---------> Done
You might also like...
A simple python bot that serves to send some notifications about GitHub events to Slack.
A simple python bot that serves to send some notifications about GitHub events to Slack.

github alerts slack bot 🤖 What is it? 🔍 This is a simple bot that serves to send some notifications about GitHub events to Slack channels. These are

Jackson Alves 10 Dec 10, 2022
A python library for creating Slack slash commands using AWS Lambda Functions

slashbot Slashbot makes it easy to create slash commands using AWS Lambda functions. These can be handy for creating a secure way to execute automated

Eric Brassell 17 Oct 21, 2022
Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation
Validate all your Customer IAM Policies against AWS Access Analyzer - Policy Validation

✅ Access Analyzer - Batch Policy Validator This script will analyze using AWS Access Analyzer - Policy Validation all your account customer managed IA

Victor GRENU 41 Dec 12, 2022
We’re releasing an open-source tool you can use now, which we developed as a homemade Just-In-Time database access control tool for our sensitive database. This tool syncs with our directory service, slack, SIEM, and finally, our Apache Cassandra database.

Cassandra Access Control By Aner Izraeli - Intezer Security Manager ([email protected]) We’re releasing an open-source tool you can use now, which

Intezer Labs 6 Mar 31, 2022
Bot SpaceCrypto - An automation (bot) to play the game SpaceCrypto, it automatically log in, send ships to fight, refresh the game, new map, etc
Bot SpaceCrypto - An automation (bot) to play the game SpaceCrypto, it automatically log in, send ships to fight, refresh the game, new map, etc

SpaceCrypto Bot [en-us] In order to change to english Readme version click here.

Guilherme Matheus 11 Sep 11, 2022
Ubuntu env build; Nginx build; DB build;

Deploy 介绍 Deploy related scripts bitnami Dependencies Ubuntu openssl envsubst docker v18.06.3 docker-compose init base env upload https://gitlab-runn

Colin(liuji) 10 Dec 1, 2021
GBSLocalLauncher - A script to compose ENV file for Local Compose

GBSLocalLauncher This is a script to compose ENV file for Local Compose. It crea

null 2 Jan 27, 2022
Automatically send commands to send Twitch followers to any Twitch account.
Automatically send commands to send Twitch followers to any Twitch account.

Automatically send commands to send Twitch followers to any Twitch account. You just need to be in a Twitch follow bot Discord server!

Thomas Keig 6 Nov 27, 2022
Protect Discord server invite link

DiscordOauth2Join Protect discord server invite links! Setup I will not help setting up the discord application, but just python. First, install the r

ZEEE 4 Aug 12, 2021
Comments
  • Backoff and Retries implementation

    Backoff and Retries implementation

    The code does not have backoff and retries implemented while making call to R53. As a good practice it is recommended to have them implemented.

    https://aws.amazon.com/builders-library/timeouts-retries-and-backoff-with-jitter/

    A good library is https://backoff-utils.readthedocs.io/en/latest/

    opened by sankeyraut 0
Owner
Puneet Kumar Maurya
I am a security engineer, who play CTF's, Skills: Application Security | Secure Code Review | AWS | ELK Stack | Terraform | Python | Go
Puneet Kumar Maurya
GitHub
Tracker to check the covid shot slot availability in India and send mobile alerts via Twilio Messaging Service.

Cowin-Slot-Tracker Tracker to check the covid vaccine slot availability in India and send mobile notifications through Twilio Messaging Service. Requi

invalid username 27 Nov 12, 2022
And now, for the first time, you can send alerts via action from ArcSight ESM Console to the TheHive when Correlation Rules are triggered.

ArcSight Integration with TheHive And now, for the first time, you can send alerts via action from ArcSight ESM Console to the TheHive when Correlatio

Amir Hossein Zargaran 3 Jan 19, 2022
Send OpenWeatherMap alerts (One Call API) to telegram users.

OpenWeatherMap Telegram Alert Send OpenWeatherMap alerts (One Call API) to telegram users. Installation Requirements: $ apt install python3-yaml pytho

Michael Hacker 1 Jun 4, 2022
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.

Table of Contents Introduction Architecture Configuring an Endpoint Creating a Amazon Chime Webhook URL Creating a Slack Webhook URL Creating a Micros

AWS Samples 215 Dec 23, 2022
Automated AWS account hardening with AWS Control Tower and AWS Step Functions

Automate activities in Control Tower provisioned AWS accounts Table of contents Introduction Architecture Prerequisites Tools and services Usage Clean

AWS Samples 20 Dec 7, 2022
Implement backup and recovery with AWS Backup across your AWS Organizations using a CI/CD pipeline (AWS CodePipeline).

Backup and Recovery with AWS Backup This repository provides you with a management and deployment solution for implementing Backup and Recovery with A

AWS Samples 8 Nov 22, 2022
A Dm Bot, also knows as Mass DM bot which can send one message to All of the Users in a Specific Server!

Discord DM Bot discord.py 1.7.2 python 3.9.5 asyncio 3.4.3 Installation Cloud Host Tutorial uploaded in YouTube, watch it by clicking here. Local Host

hpriyam8 7 Mar 24, 2022
A simple discord bot written in python which can surf subreddits, send a random meme, jokes and also weather of a given place

A simple Discord Bot A simple discord bot written in python which can surf subreddits, send a random meme, jokes and also weather of a given place. We

null 1 Jan 24, 2022
Automation application was made by me using Google, Sheet and Slack APIs with Python.

README This application is used to transfer the data in the xlsx document we have to the Google Drive environment and calculate the "total budget" wit

null 3 Apr 12, 2022
Send Informative, Concise Slack Notifications With Minimal Effort

slack-templates Send Informative, Concise Slack Notifications With Minimal Effort slack-templates Slack Integration Available Templates Usage Report t

null 9 Nov 3, 2022