View Issue Details

ID: 0009615
Project: Kali Linux
Category: New Tool Requests
View Status: public
Last Update: 2026-03-31 10:20
Reporter: gebalamariusz
Assigned To:
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: new
Resolution: open
Summary: 0009615: cloud-audit - AWS security scanner with attack chain detection and Terraform remediation
Description

cloud-audit is an open-source Python CLI tool for AWS security auditing. It scans AWS accounts for misconfigurations, correlates findings into exploitable attack chains, and generates copy-paste remediation (AWS CLI + Terraform).

Homepage: https://haitmg.pl/cloud-audit/
Repository: https://github.com/gebalamariusz/cloud-audit
License: MIT
Language: Python 3.9+
Dependencies: boto3, jinja2 (minimal)
PyPI: https://pypi.org/project/cloud-audit/

Key capabilities:

  • 80 security checks across 18 AWS services (IAM, S3, EC2, VPC, RDS, CloudTrail, Lambda, ECS, etc.)
  • 20 attack chain rules based on MITRE ATT&CK Cloud and Datadog pathfinding.cloud - correlates individual findings into real exploit paths (e.g. public SG + IMDSv1 + admin role = account takeover)
  • CIS AWS Foundations Benchmark v3.0 compliance engine (62 controls)
  • Every finding includes AWS CLI + Terraform remediation code
  • Scan diff command for tracking security drift between scans
  • Output formats: HTML, JSON, SARIF (GitHub Code Scanning), Markdown
  • Read-only access only (SecurityAudit policy), never modifies infrastructure
  • GitHub Action available in Marketplace
Attached Files
logo.png (470,227 bytes)
social-preview.png (47,304 bytes)   
report-preview.png (45,194 bytes)   

Activities

gebalamariusz

2026-03-31 10:20

reporter   ~0021502

Featured in Help Net Security (March 2026):
https://www.helpnetsecurity.com/2026/03/11/cloud-audit-open-source-aws-security-scanner/

Issue History

Date Modified Username Field Change
2026-03-31 10:18 gebalamariusz New Issue
2026-03-31 10:18 gebalamariusz File Added: logo.png
2026-03-31 10:18 gebalamariusz File Added: social-preview.png
2026-03-31 10:18 gebalamariusz File Added: report-preview.png
2026-03-31 10:20 gebalamariusz Note Added: 0021502