Various AWS scripts
Tests which of the IAM users can assume a given role. Role can be in same AWS account as users, or different account (crossAccountAssumeRole)
Runs through security groups and checks to see if they contain IP addresses in the ingress or egress list that belong to a specified country
Looks for roles that can be assumed by other AWS accounts, and checks to see if they are protected by an external ID or MFA
Audit AWS ELB service for deletion protection
Searches AWS account for roles that can be assumed by users of a second AWS account
Audit AWS RDS service for Backup Retention Period, Multi-AZ, and Auto-Minor-Version Upgrade settings
Audit AWS RedShift service for Audit Logging, User Activity Logging, Parameter Group, Encryption at Rest, and Encryption in Transit settings
Audit AWS S3 service for Versioning, MFA Delete, Encryption Rules, Logging Enabled, and HTTPS Enforced settings
Just uses the API to download IAM credential report
Audits downloaded IAM credential report for security violations on user accounts, such as users that have not been used in over a year, users with multiple API keys, etc.
Gets all private AWS IPs from EC2 instances.
Gets all public AWS IPs from EC2 instances.
Exports Route53 Information
parse out the EC2 security groups that permit access to ports to 0.0.0.0/0