Zeus – AWS EC2 / S3 Auditing & Hardening Tool

Zeus is a powerful tool for AWS EC2 / S3 best hardening practices. It checks security settings according to the profiles the user creates and changes them to recommended settings based on the CIS AWS Benchmark source at request of the user.Identity and Access ManagementAvoid the use of the “root" accountEnsure multi-factor authentication (MFA) is enabled for all IAM users that have a console passwordEnsure credentials unused for 90 days or greater are disabledLoggingEnsure CloudTrail is enabled in all regionsEnsure CloudTrail log file validation is enabledEnsure the S3 bucket CloudTrail logs to is not publicly accessibleEnsure CloudTrail trails are integrated with CloudWatch LogsEnsure AWS Config is enabled in all regionsEnsure S3 bucket access logging is enabled on the CloudTrail S3 bucketEnsure CloudTrail logs are encrypted at rest using KMS CMKsEnsure rotation for customer created CMKs is enabledRequirementsZeus has been written in bash script using AWS-CLI and it works in Linux/UNIX and OSX.Make sure that the AWS-CLI tool is installed on the system and profile is configured (aws configure).Update:pip & aws-cli checking functions are added that based on operating system.ScreenshotsDownload Zeus

Link: http://feedproxy.google.com/~r/PentestTools/~3/M4Pg0XuuLUY/zeus-aws-ec2-s3-auditing-hardening-tool.html