Visius Heimdall is a tool that checks for risks on your cloud infrastructure

Related tags

Security related resourcesawscryptographycloudprivacyaws-lambdaaws-s3cybersecurityboto3heimdallvisius
Overview

Heimdall Cloud Checker ๐Ÿ‡ง๐Ÿ‡ท

Visius Heimdall Logo

About

Visius is a Brazilian cybersecurity startup that follows the signs of the crimson thunder ;) ๐ŸŽธ !

As we value open source initiatives a lot, we've decided to open Heimdall for everyone to see and help us to secure our digital life.

"Be warned, I will honor my sworn oath to protect this realm as its gatekeeper. If your return threatens the safety of Asgard, Bifrost will remain closed and you will be left to die on the cold waste of Jotunheim."

Heimdall is a tool to check risks on your AWS.

Running

Prerequisites:

  • Python3
  • Poetry
  • Make

On Linux

Download this project, extract it to a folder and navigate to it.

git clone https://github.com/visius-io/visius.heimdall.git
make setup/dev
make start

# Format files before commit
make format/run

Screenshots

1

2

3

4

Options

  • none : check everything
  • -h | --help : Show help
  • -c | --crypto : Checks if Encryption is enabled
  • -i | --credentials : Checks for password policy and users MFA
  • -e | --exposed : Checks for exposed items
  • -l | --logs : Checks for active Logs

Screenshots

To do

  • Add support to Azure
  • Add support to GCP
  • Any other cool stuff

Sponsor

The very first Viking Startup

You might also like...
Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE)

Spring Cloud Gateway 3.0.7 & 3.1.1 Code Injection (RCE) CVE: CVE-2022-22947 CVSS: 10.0 (Vmware - https://tanzu.vmware.com/security/cve-2022-22947)

Carlos Vieira 35 Dec 28, 2022
spring-cloud-gateway-rce CVE-2022-22947
spring-cloud-gateway-rce CVE-2022-22947

Spring Cloud Gateway Actuator API SpEL่กจ่พพๅผๆณจๅ…ฅๅ‘ฝไปคๆ‰ง่กŒ๏ผˆCVE-2022-22947๏ผ‰ 1.installation pip3 install -r requirements.txt 2.Usage $ python3 spring-cloud-gateway

k3rwin 10 Sep 28, 2022
We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. ๐Ÿ•ต๏ธ

Pardus Lookout We protect the privacy of the data on your computer by using the camera of your Debian based Pardus operating system. The application i

Ahmet Furkan DEMIR 19 Nov 18, 2022
Generate your own NFTs and their metadata based on your desired probabilities.

Generate your own NFTs and their metadata based on your desired probabilities. Use your own art assets too! Perfect for use with Candy Machine.

hex 7 Sep 16, 2022
PrivateRoom - Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin

privateRoom Make your work private by building a system using arduino which instantly kills a program when someone enters your room/cabin STEPS: Uploa

Divyanshu Kumar 3 Nov 8, 2022
This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

ะะธะบะพะปะฐะน ะ‘ะพั€ั‰ั‘ะฒ 2 Oct 5, 2022
Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions

dns-mf-hazard Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions How to use it? Installation You need python

Marek Wajdzik 2 Jan 1, 2022
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Thank You For Using NIVOS : [NIVOS Created By NIVO Team]

Error 263 Jan 1, 2023
All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. ๐ŸŽญ

All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. ๐ŸŽญ

Cracker 331 Jan 1, 2023
Comments
  • Add Poetry and shining tools

    Add Poetry and shining tools

    Hello! Thanks for this project!

    I'm just adding some basic python tools like Poetry to run and format files at this project following PEP8 guidelines.

    opened by lays147 1
  • Add support to Azure cloud

    Add support to Azure cloud

    Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

    Describe the solution you'd like A clear and concise description of what you want to happen.

    Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.

    Additional context Add any other context or screenshots about the feature request here.

    opened by murksombra 0
Releases(1.0)

  • 1.0(Jul 14, 2021)

    The very first release of our OSS. Currently checking:

    • MFA users
    • Encrypted (S3, RDS and CloudTrail)
    • VPC logging
    • Exposed (RDS, S3, KMS and EBS)
    • Password Policy requirements
    Source code(tar.gz)
    Source code(zip)
Owner
visius
visius
GitHub Repository
This repo is about steps to create a effective custom wordlist in a few clicks/

Custom Wordlist This repo is about steps to take in order to create a effective custom wordlist in a few clicks. this comes handing in pentesting enga

2 Oct 08, 2022
This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things.

Fuzzing PDFs like its 1990s This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things. Some discl

Chaithu 14 Sep 30, 2022
PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

Akshay Vs 44 Nov 18, 2022
Password database With special stuff

This is a Password database I made for myself, as I want to keep all my passwords in the same place. but still protected, shall anyone get access to the file. And so I made this simple password datab

9 Oct 30, 2022
Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10

CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p

Enox 6 Oct 10, 2022
PwdGen is a Python Tkinter tool for generating secure 16 digit passwords.

PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install

zJairO 7 Jul 14, 2022
Python low-interaction honeyclient

Thug The number of client-side attacks has grown significantly in the past few years shifting focus on poorly protected vulnerable clients. Just as th

Angelo Dell'Aera 896 Dec 19, 2022
LinOTP - the open source solution for two factor authentication

LinOTP LinOTP - the Open Source solution for multi-factor authentication Copyright ยฉ 2010-2019 KeyIdentity GmbH Coypright ยฉ 2019- arxes-tolina GmbH In

LinOTP 462 Jan 02, 2023
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co

Podalirius 396 Jan 08, 2023
An automated header extensive scanner for detecting log4j RCE CVE-2021-44228

log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.

2 Dec 16, 2021
Salesforce Recon and Exploitation Toolkit

Salesforce Recon and Exploitation Toolkit Salesforce Recon and Exploitation Toolkit Usage python3 main.py URL References Announcement Blog - https:/

81 Dec 23, 2022
CVE-2021-36798 Exp: Cobalt Strike < 4.4 Dos

A denial of service (DoS) vulnerability (CVE-2021-36798) was found in Cobalt Strike. The vulnerability was fixed in the scope of the 4.4 release. More

104 Nov 09, 2022
Domain abuse scanner covering domainsquatting and phishing keywords.

๐Ÿฆท monodon ๐Ÿ‹ Domain abuse scanner covering domainsquatting and phishing keywords. Setup Monodon is a Python 3.7+ programm. To setup on a Linux machin

2 Mar 15, 2022
Encrypted Python Password Manager

PyPassKeep Encrypted Python Password Manager About PyPassKeep (PPK for short) is an encrypted python password manager used to secure your passwords fr

KrisIsHere 1 Nov 17, 2021
Brute smb share - Brute force a SMB share

brute_smb_share I wrote this small PoC after bumping into SMB servers where Hydr

devloop 3 Feb 21, 2022
Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems

KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for

Black Lantern Security 35 Oct 25, 2022
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url

CVE-2021-41773 Fast python tool to test apache path traversal CVE-2021-41773 in a List of url Usage :- create a live urls file and use the flag "-l" p

Zahir Tariq 12 Nov 09, 2022
Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. (Released due to exposure)

HCaptcha-Bypass Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. Not working? If it is not seeming to work for you

Dropout 17 Aug 23, 2021
The RDT protocol (RDT3.0,GBN,SR) implementation and performance evaluation code using socket

์†Œ์ผ“์„ ์ด์šฉํ•œ RDT protocols (RDT3.0,GBN,SR) ๊ตฌํ˜„ ๋ฐ ์„ฑ๋Šฅ ํ‰๊ฐ€ ์ฝ”๋“œ ์ž…๋‹ˆ๋‹ค. ์ฝ”๋“œ๋ฅผ ์‹คํ–‰ํ• ๋•Œ ๋ฆฌ์‹œ๋ฒ„๋ฅผ ๋จผ์ € ์‹คํ–‰ํ•˜์„ธ์š”. ์„ฑ๋Šฅ ํ‰๊ฐ€ ์ฝ”๋“œ๋Š” ํŒจํ‚ท ์ „์†ก ๊ณผ์ •์„ ์ œ์™ธํ•˜๊ณ  ์‹œ๊ฐ„๋‹น ์ „์†ก๋ฅ ์„ ์ถœ๋ ฅํ•ฉ๋‹ˆ๋‹ค. RDT3.0 GBN SR(๋ฒ„๊ทธ ๋ฐœ๊ฒฌ์œผ๋กœ ๊ตฌํ˜„์ค‘ ์ž…๋‹ˆ

kimtaeyong98 0 Dec 20, 2021
This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

Vacuum-Cleaner Python3 This is a Python3 agent that implements a simulator for a vacuum cleaner and it is introduction to Artificial Intelligence. A s

Abdultawwab Safarji 6 Nov 14, 2022