This automation protect against subdomain takeover on AWS env which also send alerts on slack.

Related tags

Third-party APIs WrappersAWS_Subdomain_Takeover_Detector
Overview

AWS_Subdomain_Takeover_Detector

Purpose

The purpose of this automation is to detect misconfigured Route53 entries which are vulnerable to subdomain takeover.

Deployment Options

  • AWS Lambda, Rundeck or any cron

Prerequisites

  • IAM role with a permission of route53("ListHostedZones", "ListResourceRecordSets", "ListDomains").

Configuration Steps

  • Configure IAM role with permission mention above in prerequisites.
  • Deploy it on any of the cron Lambda/rundeck.
  • In slack_alert() please put the incoming webhook url of slack channel.

Scans Amazon Route53 to identify:

  • Check alias records for CloudFront distributions with missing S3 origin, ElasticBeanstalk vulnerable aliaa record and S3 vulnerable Alias record.
  • Check CNAME records for CloudFront distributions with missing S3 origin, S3 vulnerable CNAME and ElasticBeanstalk vulnerable CNAME.
  • Check for NS subdomain takeover.

TODO

  • Slack Integration ---------> Done
Owner
Puneet Kumar Maurya
I am a security engineer, who play CTF's, Skills: Application Security | Secure Code Review | AWS | ELK Stack | Terraform | Python | Go
Puneet Kumar Maurya
GitHub Repository
Google Sheets Python API v4

pygsheets - Google Spreadsheets Python API v4 A simple, intuitive library for google sheets which gets your work done. Features: Open, create, delete

Nithin Murali 1.4k Jan 08, 2023
scrape tiktok/douyin video list from specific user or keyword

get-tiktok-user-video-list scrape tiktok/douyin video list from specific user or keyword 以**https://www.douyin.com/user/MS4wLjABAAAAUpIowEL3ygUAahQB47

wanghaisheng 4 Jul 06, 2022
An open source development framework to help you build data workflows and modern data architecture on AWS.

AWS DataOps Development Kit (DDK) The AWS DataOps Development Kit is an open source development framework for customers that build data workflows and

Amazon Web Services - Labs 111 Dec 23, 2022
Due to changes to the discord API and discord.py being discontinued

Talia Due to changes to the discord API and discord.py being discontinued, Talia development has been halted permanently A customizable economy discor

2 Mar 08, 2022
A robust, low-level connector for the Discord API

Bauxite Bauxite is a robust, low-level connector for the Discord API. What is Bauxite for? Bauxite is made for two main purposes: Creating higher-leve

1 Dec 04, 2021
Telegram Group Chat Statistics With Python

Telegram Group Chat Statistics How to Run First add PYTHONPATH in repository root directory enviroment variable by running: export PYTHONPATH=${PWD}

Sina Nazem 3 Apr 18, 2022
This Binance trading bot detects new coins as soon as they are listed on the Binance exchange and automatically places sell and buy orders. It comes with trailing stop loss and other features. If you like this project please consider donating via Brave.

binance-trading-bot-new-coins This Binance trading bot detects new coins as soon as they are listed on the Binance exchange and automatically places s

Andrei 1.4k Dec 24, 2022
MashaRobot : New Generation Telegram Group Manager Bot (🔸Fast 🔸Python🔸Pyrogram 🔸Telethon 🔸Mongo db )

MashaRobot Me On Telegram ✨ MASHA ✨ This is just a demo bot.. Don't try to add to your group.. Create your own bot How To Host The easiest way to depl

Mr Dark Prince 40 Oct 09, 2022
Python API wrapper library for Convex Value API

convex-value-python Python API wrapper library for Convex Value API. Further Links: Convex Value homepage @ConvexValue on Twitter JB on Twitter Authen

Aaron DeVera 2 May 11, 2022
A Bot Upload file|video To Telegram using given Links.

A Bot Upload file|video To Telegram using given Links.

Hash Minner 19 Jan 02, 2023
Trust-minimized Bitcoin wallet

coldcore Trust-minimized, airgapped Bitcoin management This is experimental software. Wait for a formal release before use with real funds. A trust-mi

James O'Beirne 121 Jan 01, 2023
A simple python discord bot with commands for moderation and utility.

Discord Bot A simple python discord bot with commands for moderation, utility and fun. Moderation $kick user reason - Kick a user from the server

syn 3 Feb 06, 2022
[Fullversion]Web3 Pancakeswap Sniper bot written in python3.

🚀 Pancakeswap BSC Sniper Bot 🚀 Web3 Pancakeswap Sniper && Take Profit/StopLose bot written in python3, Please note the license conditions! The secon

21 Dec 11, 2022
Crystal Orb is a discord bot made from discord.py and python

Crystal orb Replacing barbot Overview Crystal Orb is a discord bot made from discord.py and python, Crystal Orb is for anti alt detection and other st

AlexyDaCoder 3 Nov 28, 2021
wrapper for facebook messenger

pyfacebook pyfacebook library for python. Requirements common Help Got a question? File a GitHub issue. Contributing Bug Reports & Feature Requests Pl

Luis Mayta 3 Nov 12, 2021
Cogs for Red-DiscordBot

matcha-cogs Cogs for Red-DiscordBot. Installation [p]repo add matcha-cogs

MatchaTeaLeaf 2 Aug 27, 2022
this is a telegram bot repository, that can stream video on telegram group video chat.

VIDEO STREAM BOT telegram bot project for streaming video on telegram video chat, powered by tgcalls and pyrogram 🛠 Commands: /vstream (reply to vide

levina 319 Aug 15, 2022
Simple debugger and tester for dico-command.

dp Simple debugger and tester for dico-command. Installation pip install -U dico-dp Usage bot = dico_command.Bot(...) ... bot.load_module("dp") Comma

3 Nov 19, 2022
Host your Python Discord Bot 24/7 for free. POC

🐉 Pandore 🐉 The easiest and fastest way to host your Python3 Discord Bot 24/7 for free! 📚 Documentation 📚 If you encounter any problem while using

Billy 73 Jan 02, 2023
A Matrix-Instagram DM puppeting bridge

mautrix-instagram A Matrix-Instagram DM puppeting bridge. Documentation All setup and usage instructions are located on docs.mau.fi. Some quick links:

89 Dec 14, 2022