Version: 1.2
Author: Luiz Machado (@cryptobr)
SecBridge is an integration tool that connects Prowler and the Pacu Framework, allowing you to automate the security risk assessment in your AWS accounts. The tool checks risks using Prowler and evaluates the exploitability of these risks using Pacu, generating detailed reports.
- Dependency Check: Confirms the existence of essential dependencies like AWS CLI, Python3, Prowler, and Pacu.
- Prowler Execution: Runs Prowler to perform a security assessment on the specified AWS account.
- Pacu Framework Execution: Allows the execution of the Pacu Framework for exploitation based on specific categories.
- Report Generation: Generates detailed reports after running Pacu, including HTML and JSON formats.
- Dashboards: Launches dashboards for visualizing Prowler and Pacu results.
- AWS Profile Configuration: Configures AWS-CLI profiles directly through the tool with credential validation.
- Structured Logging: Provides comprehensive logging with different verbosity levels and colored formatting.
- Unit Testing: Includes automated tests to ensure code quality.
-
Clone the Repository:
git clone https://github.com/your-username/secbridge.git cd secbridge -
Install Dependencies:
pip install -r requirements.txt
-
Check System Dependencies: Ensure that AWS CLI, Python3, Prowler, and Pacu are installed. You can check and install the dependencies by running:
python secbridge.py deps
-
Clone the Repository:
git clone https://github.com/your-username/secbridge.git cd secbridge -
Build and Run with Docker:
docker build -t secbridge . docker run -it --rm -v ~/.aws:/root/.aws:ro -v $(pwd)/reports:/app/reports -v $(pwd)/logs:/app/logs secbridge
-
Or use Docker Compose:
docker-compose up --build
This will mount your AWS credentials and the reports/logs directories.
You can run the tool with different commands:
-
Check Dependencies:
python secbridge.py deps
-
Run Prowler:
python secbridge.py prowler
-
Start Prowler Dashboard:
python secbridge.py prowler-dash
-
Run Pacu (Enumeration):
python secbridge.py pacu-enum
-
Run Pacu (With Specific Category):
python secbridge.py pacu
-
Start Pacu with Prowler (Full Assessment):
python secbridge.py full
-
Delete Pacu Sessions:
python secbridge.py prune-pacu
-
Start Pacu Dashboard:
python secbridge.py pacu-dash
You can specify a custom port:
python secbridge.py pacu-dash --port 8080
-
Set Up a New AWS-CLI Profile:
python secbridge.py np
-
Help:
python secbridge.py --help
Run the unit tests to ensure everything is working correctly:
pytest tests/secbridge/
├── config/
│ └── pacu_modules.json # Configuration for Pacu modules
├── logs/ # Log files directory
├── reports/ # Generated reports
│ ├── data/ # JSON data files
│ └── prowler/ # Prowler reports
├── tests/ # Unit tests
├── utils/ # Utility modules
│ ├── aws_config.py # AWS profile configuration
│ ├── dependencies.py # Dependency checking
│ ├── pacu_report.py # Report generation for Pacu
│ ├── pacu_runner.py # Pacu execution
│ └── prowler_runner.py # Prowler execution
├── requirements.txt # Python dependencies
├── CHANGELOG.md # Change history
├── secbridge.py # Main application
└── README.md # Documentation
Contributions are welcome! If you have suggestions for improvements or found a bug, feel free to open an issue or submit a pull request.
This project is licensed under the MIT License.
For more information or questions, contact Luiz Machado.