AWS Penetration Testing Tool with CrewAI 🛡️

A sophisticated AWS security assessment tool that leverages CrewAI to orchestrate automated penetration testing across multiple AWS services. This tool employs specialized AI agents to conduct thorough security analyses while maintaining compliance with AWS testing guidelines.

🌟 Features

Multi-Service Coverage: Comprehensive security assessment across major AWS services:
- S3 Bucket Analysis
- IAM Configuration Review
- Lambda Function Security
- EC2 Instance Assessment
- VPC Configuration Analysis
- EBS Volume Security
- ECS Cluster Evaluation
- EKS Security Review
- WAF Configuration Assessment
Intelligent Agents: Specialized AI agents for each service domain
Compliance-First Approach: Built-in authorization verification
Detailed Reporting: Comprehensive JSON reports with timestamps
Audit Logging: Complete command history tracking

📋 Prerequisites

Python 3.8+
AWS CLI configured with appropriate credentials
OpenAI API key
Required Python packages:
```
pip install crewai pydantic
```

⚙️ Configuration

Set up your environment variables:
```
export OPENAI_API_KEY='your-api-key'
```
Configure AWS CLI with appropriate credentials:
```
aws configure
```
Install required dependencies:
```
pip install -r requirements.txt
```

🚀 Usage

Basic Usage

from crewAI_AWS import AWSPentestCrew

# Initialize the pentest crew
aws_pentest = AWSPentestCrew()

# Run tests for specific services
services = ['s3', 'iam', 'lambda']
result = aws_pentest.run(services)

Advanced Usage

# Custom scope definition
from crewAI_AWS import PentestScope
from datetime import datetime, timedelta

scope = PentestScope(
    target_account="123456789012",
    allowed_services=["s3", "iam", "lambda"],
    excluded_services=["rds", "dynamodb"],
    start_time=datetime.now(),
    end_time=datetime.now() + timedelta(hours=4),
    approved_by="Security Team Lead",
    approval_date=datetime.now()
)

# Initialize with custom scope
aws_pentest = AWSPentestCrew()
result = aws_pentest.run(scope.allowed_services)

🔍 Detailed Test Coverage

S3 Security Checks

Bucket Access Control
- ACL configurations
- Bucket policy analysis
- Public access block settings
Data Protection
- Encryption status (at rest and in transit)
- Versioning configuration
- Cross-region replication
Access Management
- IAM policy evaluation
- Bucket ownership controls
- Cross-account access
Logging & Monitoring
- Access logging configuration
- CloudTrail integration
- Event notifications

IAM Security Checks

User Management
- Password policy compliance
- MFA enforcement
- Access key rotation
- Unused credentials
Role Analysis
- Permission boundaries
- Service-linked roles
- Cross-account roles
Policy Evaluation
- Least privilege assessment
- Inline vs. managed policies
- Resource-based policies
Security Features
- AWS Organizations integration
- SCPs (Service Control Policies)
- Permission boundaries

Lambda Security Checks

Function Configuration
- Runtime versions
- Memory/timeout settings
- VPC configuration
Security Controls
- IAM role permissions
- Resource policies
- Environment variables
Dependencies
- Layer security
- External package scanning
- Code signing
Integration Security
- API Gateway configurations
- Event source permissions
- Cross-service access

EC2 Security Checks

Instance Security
- Security group rules
- Network ACLs
- Instance profiles
Network Configuration
- VPC placement
- Subnet configuration
- Routing tables
Storage Security
- EBS encryption
- Instance store security
- AMI management
Access Control
- SSH key management
- Systems Manager access
- Instance connect

VPC Security Checks

Network Architecture
- CIDR block allocation
- Subnet design
- Availability Zone distribution
Connectivity
- VPC peering
- Transit Gateway
- VPN connections
Security Controls
- Network ACLs
- Security groups
- Flow logs
Routing
- Route table configuration
- Internet gateway setup
- NAT gateway placement

EBS Security Checks

Volume Management
- Encryption status
- Snapshot policies
- Cross-region replication
Access Control
- IAM permissions
- Volume attachment
- Snapshot sharing
Backup & Recovery
- Backup policies
- Cross-account backup
- Lifecycle management

ECS Security Checks

Cluster Security
- Network mode
- Task definitions
- Service configuration
Container Security
- Image scanning
- Secrets management
- Resource limits
Network Controls
- Service discovery
- Load balancer integration
- Security groups

EKS Security Checks

Cluster Configuration
- Control plane logging
- Network policies
- RBAC settings
Node Security
- Node group configuration
- Instance profiles
- Container runtime
Pod Security
- Security contexts
- Network policies
- Service accounts

WAF Security Checks

Rule Management
- Rule group configuration
- Custom rule evaluation
- Rate limiting
Protection Features
- SQL injection prevention
- XSS protection
- IP reputation
Logging & Monitoring
- Logging configuration
- Metrics collection
- Alert setup

📊 Output Format

Test Results Structure

{
  "timestamp": "2024-11-05T10:00:00Z",
  "findings": [
    {
      "service": "s3",
      "severity": "HIGH",
      "description": "Public bucket found with sensitive data",
      "evidence": "Bucket policy allows anonymous access",
      "timestamp": "2024-11-05T10:01:00Z"
    }
  ],
  "commands_executed": [
    {
      "command": "aws s3api list-buckets",
      "timestamp": "2024-11-05T10:00:30Z",
      "success": true
    }
  ],
  "recommendations": [
    {
      "service": "s3",
      "recommendation": "Enable bucket public access blocking",
      "timestamp": "2024-11-05T10:02:00Z"
    }
  ]
}

Command Log Format

{
  "success": true,
  "output": "command output",
  "error": null,
  "command": "aws command",
  "timestamp": "2024-11-05T10:00:00Z"
}

⚠️ Security Considerations

AWS Service Limits

Monitor API rate limits
Track resource creation limits
Consider concurrent test limitations

Cost Management

Monitor resource usage
Set up billing alerts
Clean up test resources

Compliance Requirements

Follow AWS testing guidelines
Maintain audit logs
Document approval process

🔐 Best Practices

Before Testing

Scope Definition
- Define clear boundaries
- Document excluded services
- Set testing timeframes
Authorization
- Obtain written approval
- Verify AWS permissions
- Set up monitoring
Environment Preparation
- Back up critical data
- Set up logging
- Configure alerts

During Testing

Execution
- Monitor resource usage
- Track API calls
- Log all activities
Communication
- Maintain stakeholder contact
- Report critical findings
- Document progress
Resource Management
- Track created resources
- Monitor costs
- Maintain test inventory

After Testing

Clean-up
- Remove test resources
- Verify service state
- Document changes
Reporting
- Compile findings
- Prioritize remediation
- Document evidence
Follow-up
- Schedule reviews
- Track remediation
- Update documentation

📜 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

CrewAI framework developers
AWS CLI contributors
OpenAI API team
Community contributors

📞 Support

GitHub Issues: Bug reports and feature requests
Documentation: Wiki
Discussions: GitHub Discussions

🔄 Version History

1.0.0 (2024-11-05)

Initial release
Basic service coverage
Authorization workflow
Reporting system

1.1.0 (Coming Soon)

Enhanced reporting
Additional service coverage
Performance improvements
Extended documentation

📚 Additional Resources

Note: This tool is for authorized security testing only. Ensure compliance with AWS terms of service and obtain necessary permissions before use. Note: Agent may hallucinate sometime

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
AWS_Agent.py		AWS_Agent.py
README.md		README.md

harishsg993010/PentestAgent

Folders and files

Latest commit

History

Repository files navigation