This automation protect against subdomain takeover on AWS env which also send alerts on slack.

Related tags

Third-party APIs WrappersAWS_Subdomain_Takeover_Detector
Overview

AWS_Subdomain_Takeover_Detector

Purpose

The purpose of this automation is to detect misconfigured Route53 entries which are vulnerable to subdomain takeover.

Deployment Options

  • AWS Lambda, Rundeck or any cron

Prerequisites

  • IAM role with a permission of route53("ListHostedZones", "ListResourceRecordSets", "ListDomains").

Configuration Steps

  • Configure IAM role with permission mention above in prerequisites.
  • Deploy it on any of the cron Lambda/rundeck.
  • In slack_alert() please put the incoming webhook url of slack channel.

Scans Amazon Route53 to identify:

  • Check alias records for CloudFront distributions with missing S3 origin, ElasticBeanstalk vulnerable aliaa record and S3 vulnerable Alias record.
  • Check CNAME records for CloudFront distributions with missing S3 origin, S3 vulnerable CNAME and ElasticBeanstalk vulnerable CNAME.
  • Check for NS subdomain takeover.

TODO

  • Slack Integration ---------> Done
Owner
Puneet Kumar Maurya
I am a security engineer, who play CTF's, Skills: Application Security | Secure Code Review | AWS | ELK Stack | Terraform | Python | Go
Puneet Kumar Maurya
GitHub Repository
Aggrokatz is an aggressor plugin extension for Cobalt Strike which enables pypykatz to interface with the beacons remotely and allows it to parse LSASS dump files and registry hive files to extract credentials and other secrets stored without downloading the file and without uploading any suspicious code to the beacon.

aggrokatz What is this aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely. The

SEC Consult Vulnerability Lab 148 Dec 09, 2022
A Dm Bot, also knows as Mass DM bot which can send one message to All of the Users in a Specific Server!

Discord DM Bot discord.py 1.7.2 python 3.9.5 asyncio 3.4.3 Installation Cloud Host Tutorial uploaded in YouTube, watch it by clicking here. Local Host

hpriyam8 7 Mar 24, 2022
阿里云盘上传脚本

阿里云盘上传脚本 Author:李小恩 Github:https://github.com/Hidove/aliyundrive-uploader 如有侵权,请联系我删除 禁止用于非法用途,违者后果自负 环境要求 python3 使用方法 安装 git clone https://github.co

Hidove 301 Jan 01, 2023
You can submit any PR and have SWAGS. Happy Hacktoberfest !

Excluded project Repository 🔴 🔴 🔴 - PR limit is reached. Please use another Repository Hacktoberfest 2021 🎉 🗣 Hacktoberfest encourages participat

Hansajith 63 Oct 21, 2022
Bitcoin-chance-wheel - Try your luck at getting bitcoins

Program Features - ✍️ Why did we name this tool the Lucky Wheel? - ✍️ This tool

hack4lx 20 Dec 22, 2022
Discord Mass Edit is a unique, purging related Discord tool that differs from the regular mass delete.

Discord Mass Edit is a unique, purging related Discord tool that differs from the regular mass delete. This tool will automatically edit every message in a chosen channel and change it to a random st

c0mpt0 1 Jul 27, 2022
Discord CTF helper bot for CyberErudites

Eruditus - CTF helper bot Eruditus - CTF helper bot About Eruditus is a Discord CTF helper bot built with Python, it was initially designed to be used

Hafidh 34 Dec 30, 2022
Drcom-pt-client - Drcom Pt version client with refresh timer

drcom-pt-client Drcom Pt version client with refresh timer Dr.com Pt版本客户端 可用于网页认

4 Nov 16, 2022
A collective list of free APIs for use in software and web development.

Public APIs A collective list of free APIs for use in software and web development. A public API for this project can be found here! For information o

222.5k Jan 02, 2023
A simple bot which using an API , detects reported discord scams and kicks the user if possible while deleting the message

A simple bot which using an API , detects reported discord scams and kicks the user if possible while deleting the message

Vioshim 3 Nov 16, 2022
A multi-purpose Discord bot with simple moderation commands, reaction roles, reminders, and much more!

Nokari This is the rewrite of Nokari. There are still a lot of things to be done. I'm still working on the internal logic, so the bot basically has no

Norizon 13 Nov 17, 2022
A Bot Upload file|video To Telegram using given Links.

A Bot Upload file|video To Telegram using given Links.

Hash Minner 19 Jan 02, 2023
A modular Telegram Python bot running on python3 with a sqlalchemy database

Nao Tomori Robot Found Me On Telegram As Nao Tomori 🌼 A modular Telegram Python bot running on python3 with a sqlalchemy database. How to setup/deplo

Sena 84 Jan 04, 2023
Filters to block and remove copycat-websites from DuckDuckGo and Google

uBlock Origin - Shitty Copy-Paste websites filter Filter for uBlock origin to remove spam-website results from DuckDuckGo and Google that just blatant

99 Dec 15, 2022
Python SDK for interacting with the Frame.io API.

python-frameio-client Frame.io Frame.io is a cloud-based collaboration hub that allows video professionals to share files, comment on clips real-time,

Frame.io 37 Dec 21, 2022
Administration Panel for Control FiveM Servers From Discord

FiveM Discord Administration Panel Version 1.0.0 If you would like to report an issue or request a feature. Join our Discord or create an issue. Contr

NIma 9 Jun 17, 2022
Aria/qBittorrent Telegram mirror/leech bot

This is a Telegram Bot written in Python for mirroring files on the Internet to your Google Drive or Telegram. Based on python-aria-mirror-bot Feature

28 Dec 25, 2022
Apex lets you build, deploy, and manage AWS Lambda functions with ease.

No longer maintained This software is no longer being maintainted and should not be chosen for new projects. See this issue for more information Apex

Apex 25 Dec 23, 2022
Network simulation tools

Overview I'm building my network simulation environments with Vagrant using libvirt plugin on a Ubuntu 20.04 system... and I always hated how boring i

Ivan Pepelnjak 219 Jan 07, 2023
This is a translator that i made by myself in python with the 'googletrans' library

Translator-Python This is a translator that i made by myself in python with the 'googletrans' library This application completely made in python allow

Thadeuks 2 Jun 17, 2022