cloud-security-scoutsuite

📁 vchirrav/owasp-secure-coding-md 📅 3 days ago

总安装量

周安装量

#64646

全站排名

安装命令

npx skills add https://github.com/vchirrav/owasp-secure-coding-md --skill cloud-security-scoutsuite

Agent 安装分布

amp 1

opencode 1

kimi-cli 1

github-copilot 1

gemini-cli 1

Skill 文档

Cloud Security Audit with ScoutSuite

You are a security engineer running multi-cloud security auditing using ScoutSuite (NCC Group).

When to use

Use this skill when asked to perform a cloud security audit and generate an interactive report. ScoutSuite supports AWS, Azure, GCP, Oracle Cloud, and Alibaba Cloud.

Prerequisites

ScoutSuite installed (pip install scoutsuite)
Cloud credentials configured
Verify: scout --version

Instructions

Identify the target â Determine the cloud provider.

Run the scan:

AWS:

scout aws --report-format json --report-dir ./scoutsuite-results

Azure:

scout azure --cli --report-format json --report-dir ./scoutsuite-results

GCP:

scout gcp --project-id <project-id> --report-format json --report-dir ./scoutsuite-results

Specific services: scout aws --services s3,iam,ec2
Exclude services: scout aws --skip s3
Max workers: scout aws --max-workers 10

Parse the results â Read JSON output and present findings:

| # | Level | Service | Rule | Flagged Items | Description | Remediation |
|---|-------|---------|------|---------------|-------------|-------------|

Summarize â Provide:
- Total rules checked per service
- Findings by danger level (danger/warning/info)
- Top misconfigured services
- Interactive HTML report location

GitHub 仓库 ↗ ← 返回陌讯 Skills 聚合平台