Scout Suite: Multi-Cloud Security Auditing Tool

Scout Suite is a multi-cloud security auditing tool, which enables assessing the security posture of cloud environments. Using the APIs exposed by cloud providers, Scout gathers configuration data for manual inspection and highlights risk areas. Rather than pouring through dozens of pages on the web consoles, Scout provides a clear view of the attack surface automatically.

Scout Suite is stable and actively maintained, but a number of features and internals may change. As such, please bear with us as we find time to work on, and improve the tool. Feel free to report a bug with details (please provide console output using the –debug argument), request a new feature, or send a pull request.

Note:

The latest (and final) version of Scout2 can be found in https://github.com/nccgroup/Scout2/releases andhttps://pypi.org/project/AWSScout2. Further work is not planned for Scout2. Fixes will be implemented in Scout Suite.

Support

The following cloud providers are currently supported/planned:

  • Amazon Web Services
  • Google Cloud Platform (beta)
  • Azure (early alpha)

Installation

Install via pip:

$ pip install scoutsuite

Install from source:

$ git clone https://github.com/nccgroup/ScoutSuite
$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python Scout.py --help

ScoutSuite

Use

Copyright (C) 2018 nccgroup

Share