Fetch the details of assets hosted on AWS.

Related tags

Third-party APIs Wrappers aws tool bug-bounty reconnaissance
Overview

onaws

onaws is a simple tool to check if an IP/hostname belongs to the AWS IP space or not. It uses the AWS IP address ranges data published by AWS to perform the search.

The tool could be used for:

  • Continuous recon of assets
  • Gathering assets using a specific service (e.g. EC2)
  • Finding region information for S3 buckets
  • ... etc.

onaws

Install

pip install onaws

Usage

Given an IP:

onaws 52.219.47.34

Given a hostname:

A domain or subdomain can be passed as input:

onaws example.com

You may also supply an S3 bucket hostname as input:

onaws dropbox.s3.amazonaws.com

List of hostnames

onaws accepts line-delimited hosts on STDIN. This is helpful if you want to pipe the output of other tools to onaws:

$ cat hosts.txt
uber.s3.amazonaws.com
aws.com
google.com


$ cat hosts.txt | onaws
{
    "uber.s3.amazonaws.com": {
        "is_aws_ip": true,
        "ip_address": "52.218.46.121",
        "service": "S3",
        "region": "eu-west-1",
        "matched_subnet": "52.218.0.0/17",
        "hostname": "uber.s3.amazonaws.com"
    },
    "aws.com": {
        "is_aws_ip": true,
        "ip_address": "52.84.13.117",
        "service": "CLOUDFRONT",
        "region": "GLOBAL",
        "matched_subnet": "52.84.0.0/15",
        "hostname": "aws.com"
    },
    "google.com": {
        "is_aws_ip": false
    }
}

Output

If the IP/hostname falls in the AWS IP range, onaws will return the service, region and other details in the output:

{
    "is_aws_ip": true,
    "ip_address": "52.218.196.155",
    "service": "S3",
    "region": "us-west-2",
    "matched_subnet": "52.218.128.0/17",
    "hostname": "flaws.cloud"
}

Contribution

I welcome contributions from the public. If you find something that could be improved, please file an Issue or send a PR :)

Credits

  • Thanks to @TomNomNom for suggesting the name.
Comments
  • Code refactor; input + output streaming (#1 and #2); better output

    Code refactor; input + output streaming (#1 and #2); better output

    I refactor the code and introduce input + output streaming (closes #1 and closes #2), with the output being in JSONL format. The input streaming approach was taken from the PR by @havefish (#3)—good stuff!

    Furthermore, I improve the output and make it list-input-friendly by showing the specified input. It now looks as follows: image

    opened by KarimPwnz 1
  • Cache ip ranges

    Cache ip ranges

    Given the size of the AWS IP ranges file, this PR makes onaws cache it. The cache is updated when the etag header, which represents the MD5 checksum of the remote data, does not match the local data checksum.

    The local cache is located at ~/.onaws/ip-ranges.json, and all functionality related to fetching the IP ranges has been moved to ipranges.py.

    opened by KarimPwnz 0
  • ISSUE #1, ISSUE #2: streaming input and output

    ISSUE #1, ISSUE #2: streaming input and output

    • current changes stream the input, hence the processing should occur at constant memory
    • However, as the output is still being gathered in-memory, the memory consumption on large input still remains; to be solved in issue #2.
    • a optional parameter has been added -s that takes two values t: text or j: json
    • with this change the whole process should run at constant memory
    • Example Usage: cat file.txt | onaws -sj
    opened by havefish 0
  • Line delimited Output

    Line delimited Output

    • currently the output is dumped in a single JSON.
    • this approach won't work for a large input
    • also streaming the output won't be possible, to use the output the while thing has to be produced first.
    • the solution is line delimited JSON or plain text
    opened by havefish 0
  • Added -i and -o parameters for input and output files

    Added -i and -o parameters for input and output files

    Quick and dirty solution to add input and output files to work in my pipeline. The changes should not break anything afaik, you can merge it if you like. Thank you for the code!

    opened by kz0ltan 0
Releases(v1.0.3)
Owner
Amal Murali
Hmm.
Amal Murali
GitHub https://github.com/amalmurali47/onaws
DIAL(Did I Alert Lambda?) is a centralised security misconfiguration detection framework which completely runs on AWS Managed services like AWS API Gateway, AWS Event Bridge & AWS Lambda

DIAL(Did I Alert Lambda?) is a centralised security misconfiguration detection framework which completely runs on AWS Managed services like AWS API Gateway, AWS Event Bridge & AWS Lambda

CRED 71 Dec 29, 2022
Get-Phone-Number-Details-using-Python - To get the details of any number, we can use an amazing Python module known as phonenumbers.

Get-Phone-Number-Details-using-Python To get the details of any number, we can use an amazing Python module known as phonenumbers. We can use the amaz

Coding Taggers 1 Jan 1, 2022
A python telegram bot to fetch the details of an ipadress with help of ip-api

ipfetcher A python(Pyrogram) oriented telegram bot to fetch the details of an ipadress developed by @riz4d with the API of https://ip-api.com Deployme

Mohamed Rizad 5 Mar 12, 2022
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.

Table of Contents Introduction Architecture Configuring an Endpoint Creating a Amazon Chime Webhook URL Creating a Slack Webhook URL Creating a Micros

AWS Samples 215 Dec 23, 2022
Automated AWS account hardening with AWS Control Tower and AWS Step Functions

Automate activities in Control Tower provisioned AWS accounts Table of contents Introduction Architecture Prerequisites Tools and services Usage Clean

AWS Samples 20 Dec 7, 2022
Implement backup and recovery with AWS Backup across your AWS Organizations using a CI/CD pipeline (AWS CodePipeline).

Backup and Recovery with AWS Backup This repository provides you with a management and deployment solution for implementing Backup and Recovery with A

AWS Samples 8 Nov 22, 2022
A Twitter bot developed in Python using the Tweepy library and hosted in AWS.

Twitter Cameroon: @atangana_aron A Twitter bot developed in Python using the Tweepy library and hosted in AWS. https://twitter.com/atangana_aron Cost

null 1 Jan 30, 2022
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

aws-allowlister Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance fr

Salesforce 189 Dec 8, 2022
SSH-Restricted deploys an SSH compliance rule (AWS Config) with auto-remediation via AWS Lambda if SSH access is public.

SSH-Restricted SSH-Restricted deploys an SSH compliance rule with auto-remediation via AWS Lambda if SSH access is public. SSH-Auto-Restricted checks

Adrian Hornsby 30 Nov 8, 2022
AWS Auto Inventory allows you to quickly and easily generate inventory reports of your AWS resources.

Photo by Denny Müller on Unsplash AWS Automated Inventory ( aws-auto-inventory ) Automates creation of detailed inventories from AWS resources. Table

AWS Samples 123 Dec 26, 2022
A suite of utilities for AWS Lambda Functions that makes tracing with AWS X-Ray, structured logging and creating custom metrics asynchronously easier

A suite of utilities for AWS Lambda Functions that makes tracing with AWS X-Ray, structured logging and creating custom metrics asynchronously easier

Amazon Web Services - Labs 1.9k Jan 7, 2023
aws-lambda-scheduler lets you call any existing AWS Lambda Function you have in a future time.

aws-lambda-scheduler aws-lambda-scheduler lets you call any existing AWS Lambda Function you have in the future. This functionality is achieved by dyn

Oğuzhan Yılmaz 57 Dec 17, 2022
Project template for using aws-cdk, Chalice and React in concert, including RDS Postgresql and AWS Cognito

What is This? This repository is an opinonated project template for using aws-cdk, Chalice and React in concert. Where aws-cdk and Chalice are in Pyth

Rasmus Jones 4 Nov 7, 2022
POC de uma AWS lambda que executa a consulta de preços de criptomoedas, e é implantada na AWS usando Github actions.

Cryptocurrency Prices Overview Instalação Repositório Configuração CI/CD Roadmap Testes Overview A ideia deste projeto é aplicar o conteúdo estudado s

Gustavo Santos 3 Aug 31, 2022
Python + AWS Lambda Hands OnPython + AWS Lambda Hands On

Python + AWS Lambda Hands On Python Criada em 1990, por Guido Van Rossum. "Bala de prata" (quase). Muito utilizado em: Automatizações - Selenium, Beau

Marcelo Ortiz de Santana 8 Sep 9, 2022
Unauthenticated enumeration of services, roles, and users in an AWS account or in every AWS account in existence.

Quiet Riot ?? C'mon, Feel The Noise ?? An enumeration tool for scalable, unauthenticated validation of AWS principals; including AWS Acccount IDs, roo

Wes Ladd 89 Jan 5, 2023
AWS Blog post code for running feature-extraction on images using AWS Batch and Cloud Development Kit (CDK).

Batch processing with AWS Batch and CDK Welcome This repository demostrates provisioning the necessary infrastructure for running a job on AWS Batch u

AWS Samples 7 Oct 18, 2022
Aws-lambda-requests-wrapper - Request/Response wrapper for AWS Lambda with API Gateway

AWS Lambda Requests Wrapper Request/Response wrapper for AWS Lambda with API Gat

null 1 May 20, 2022
AWS-serverless-starter - AWS Lambda serverless stack via Serverless framework

Serverless app via AWS Lambda, ApiGateway and Serverless framework Configuration

Bəxtiyar 3 Feb 2, 2022