Fetch the details of assets hosted on AWS.

Related tags

Third-party APIs Wrappersawstoolbug-bountyreconnaissance
Overview

onaws

onaws is a simple tool to check if an IP/hostname belongs to the AWS IP space or not. It uses the AWS IP address ranges data published by AWS to perform the search.

The tool could be used for:

  • Continuous recon of assets
  • Gathering assets using a specific service (e.g. EC2)
  • Finding region information for S3 buckets
  • ... etc.

onaws

Install

pip install onaws

Usage

Given an IP:

onaws 52.219.47.34

Given a hostname:

A domain or subdomain can be passed as input:

onaws example.com

You may also supply an S3 bucket hostname as input:

onaws dropbox.s3.amazonaws.com

List of hostnames

onaws accepts line-delimited hosts on STDIN. This is helpful if you want to pipe the output of other tools to onaws:

$ cat hosts.txt
uber.s3.amazonaws.com
aws.com
google.com


$ cat hosts.txt | onaws
{
    "uber.s3.amazonaws.com": {
        "is_aws_ip": true,
        "ip_address": "52.218.46.121",
        "service": "S3",
        "region": "eu-west-1",
        "matched_subnet": "52.218.0.0/17",
        "hostname": "uber.s3.amazonaws.com"
    },
    "aws.com": {
        "is_aws_ip": true,
        "ip_address": "52.84.13.117",
        "service": "CLOUDFRONT",
        "region": "GLOBAL",
        "matched_subnet": "52.84.0.0/15",
        "hostname": "aws.com"
    },
    "google.com": {
        "is_aws_ip": false
    }
}

Output

If the IP/hostname falls in the AWS IP range, onaws will return the service, region and other details in the output:

{
    "is_aws_ip": true,
    "ip_address": "52.218.196.155",
    "service": "S3",
    "region": "us-west-2",
    "matched_subnet": "52.218.128.0/17",
    "hostname": "flaws.cloud"
}

Contribution

I welcome contributions from the public. If you find something that could be improved, please file an Issue or send a PR :)

Credits

  • Thanks to @TomNomNom for suggesting the name.
Comments
  • Code refactor; input + output streaming (#1 and #2); better output

    Code refactor; input + output streaming (#1 and #2); better output

    I refactor the code and introduce input + output streaming (closes #1 and closes #2), with the output being in JSONL format. The input streaming approach was taken from the PR by @havefish (#3)โ€”good stuff!

    Furthermore, I improve the output and make it list-input-friendly by showing the specified input. It now looks as follows: image

    opened by KarimPwnz 1
  • Cache ip ranges

    Cache ip ranges

    Given the size of the AWS IP ranges file, this PR makes onaws cache it. The cache is updated when the etag header, which represents the MD5 checksum of the remote data, does not match the local data checksum.

    The local cache is located at ~/.onaws/ip-ranges.json, and all functionality related to fetching the IP ranges has been moved to ipranges.py.

    opened by KarimPwnz 0
  • ISSUE #1, ISSUE #2: streaming input and output

    ISSUE #1, ISSUE #2: streaming input and output

    • current changes stream the input, hence the processing should occur at constant memory
    • However, as the output is still being gathered in-memory, the memory consumption on large input still remains; to be solved in issue #2.
    • a optional parameter has been added -s that takes two values t: text or j: json
    • with this change the whole process should run at constant memory
    • Example Usage: cat file.txt | onaws -sj
    opened by havefish 0
  • Line delimited Output

    Line delimited Output

    • currently the output is dumped in a single JSON.
    • this approach won't work for a large input
    • also streaming the output won't be possible, to use the output the while thing has to be produced first.
    • the solution is line delimited JSON or plain text
    opened by havefish 0
  • Added -i and -o parameters for input and output files

    Added -i and -o parameters for input and output files

    Quick and dirty solution to add input and output files to work in my pipeline. The changes should not break anything afaik, you can merge it if you like. Thank you for the code!

    opened by kz0ltan 0
Releases(v1.0.3)
Owner
Amal Murali
Hmm.
Amal Murali
GitHub Repository https://github.com/amalmurali47/onaws
Bot made with Microsoft Azure' cloud service

IttenWearBot Autori: Antonio Zizzari Simone Giglio IttenWearBot รจ un bot intelligente dotato di sofisticate tecniche di machile learning che aiuta gli

Antonio Zizzari 1 Jan 24, 2022
A simple Python script using Telethon to log all (or some) messages a user or bot account can see on Telegram.

telegram-logger A simple Python script using Telethon to log all (or some) messages a user or bot account can see on Telegram. Requirements Python 3.6

Richard 13 Oct 06, 2022
Maintained wavelink fork for pycord

Pycord.Wavelink Wavelink is robust and powerful Lavalink wrapper for Pycord! Wavelink features a fully asynchronous API that's intuitive and easy to u

Pycord Development 23 Dec 11, 2022
Hack WhatsApp Account Easily(Android)

X-Whatsapp Hack WhatsApp Account Easily(Android) HOW TO RUN ๐Ÿ‘‡ (Termux) pkg update && pkg upgrade pkg install python pkg install git git clone https:/

KiLL3R_xRO 72 Dec 21, 2022
Automatically deploy freqtrade to a remote Docker host and auto update strategies.

Freqtrade Automatically deploy freqtrade to a remote Docker host and auto update strategies. I've been using it to automatically deploy to vultr, but

p-zombie 109 Jan 07, 2023
Discord heximals: More colors for your bot

DISCORD-HEXIMALS More colors for your bot ! Support : okimii#0434 COLORS ( 742 )

4 Feb 04, 2022
Python3 based bittrex rest api wrapper

bittrex-rest-api This open source project was created to give an understanding of the Bittrex Rest API v1.1/v3.0 in pearl language. The sample file sh

4 Nov 15, 2022
Telephus is a connection pooled, low-level client API for Cassandra in Twisted python.

Telephus Son of Heracles who loved Cassandra. He went a little crazy, at one point. One might almost say he was twisted. Description Telephus is a con

Brandon Williams 93 Apr 29, 2021
A very basic starter bot based on CryptoKKing with a small balance

starterbot A very basic starter bot based on CryptoKKing with a small balance, use at your own risk. I have since upgraded this script significantly a

Danny Kendrick 2 Dec 05, 2021
A Telegram Bot which will ask new Group Members to verify them by solving an emoji captcha.

Emoji-Captcha-Bot A Telegram Bot which will ask new Group Members to verify them by solving an emoji captcha. About API: Using api.abirhasan.wtf/captc

Abir Hasan 52 Dec 11, 2022
A wrapper for slurm especially on Taiwania2 (HPC CLI)A wrapper for slurm especially on Taiwania2 (HPC CLI)

TWCC-slurm-wrapper A wrapper for slurm especially on Taiwania2 (HPC CLI). For Taiwania2 (HPC CLI) usage, please refer to here. (ไธญๆ–‡) How to Install? gi

Chi-Liang, Liu 5 Oct 07, 2022
A Telelgram Bot to Extract Text from an Image

Text-Scanner-OCR A Telelgram Bot to Extract Text from an Image Configs Vars API_KEY: Your API_KEY from OCR Space GROUP: Your Group Username without '@

ALBY 8 Feb 20, 2022
Django3 web app that renders OpenWeather API data โ˜๏ธโ˜๏ธ

nz-weather For a live build, visit - https://brandonru.pythonanywhere.com/ NZ Openweather API data rendered using Django3 and requests โ˜€๏ธ Local Run In

Brandon Ru 1 Oct 17, 2021
Python script to replace BTC adresses in the clipboard with similar looking ones, whose private key can be retrieved by a netcat listener or similar.

BTCStealer Python script to replace BTC adresses in the clipboard with similar looking ones, whose private key can be retrieved by a netcat listener o

Some Person 6 Jun 07, 2022
ChairBot is designed to be reliable, easy to use, and lightweight for every user, and easliy to code add-ons for ChairBot.

ChairBot is designed to be reliable, easy to use, and lightweight for every user, and easliy to code add-ons for ChairBot. Ready to see whats possible with ChairBot?

1 Nov 08, 2021
This Bot Can Upload Video from Link Of Pdisk to Pdisk using its API. @PredatorHackerzZ

๐๐๐ข๐ฌ๐ค ๐‚๐จ๐ง๐ฏ๐ž๐ซ๐ญ๐ž๐ซ ๐๐จ๐ญ Make short link by using ๐๐๐ข๐ฌ๐ค API key Installation ๐“๐ก๐ž ๐„๐š๐ฌ๐ฒ ๐–๐š๐ฒ ๐‘๐ž๐ช๐ฎ๐ข๐ซ๐ž๐ ๐•๐š๐ซ๐ข๐š๐›๐ฅ๐ž

ฯัั”โˆ‚ฮฑั‚ฯƒั 25 Dec 02, 2022
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

aws-allowlister Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance fr

Salesforce 189 Dec 08, 2022
Userbot Telegram + Music Voice Chats. Dibuat Untuk Bersenang - Senang , Dan Mempermudah Kegiatan. Created By Rio.

RIO - USERBOT Disclaimer Saya tidak bertanggung jawab atas penyalahgunaan bot ini. Bot ini dimaksudkan untuk bersenang-senang sekaligus membantu Anda

RioProjectX 1 Nov 10, 2021
Embed the Duktape JS interpreter in Python

Introduction Pyduktape is a python wrapper around Duktape, an embeddable Javascript interpreter. On top of the interpreter wrapper, pyduktape offers e

Stefano 78 Dec 15, 2022
A httpx token generator for discord [ hcaptcha bypass ]

Discord-Token-Generator-Yazato A httpx token generator for discord This generator was developed by Aced#0001, Dreamy Tos Follower#0001, Scripted#0131

23 Oct 26, 2021