Metadata-Version: 2.1
Name: ScoutSuite
Version: 4.0.2
Summary: Scout Suite, a multi-cloud configuration review tool
Home-page: https://github.com/nccgroup/ScoutSuite
Author: NCC Group
License: GNU General Public License v2 (GPLv2)
Description: # Scout Suite
        
        <!--- ![image](https://travis-ci.org/nccgroup/Scout2.svg?branch=master) -->
        <!--- ![image](https://coveralls.io/repos/github/nccgroup/Scout2/badge.svg?branch=master) -->
        [![PyPI version](https://badge.fury.io/py/ScoutSuite.svg)](https://badge.fury.io/py/ScoutSuite)
        
        ## Description
        
        Scout Suite is a multi-cloud configuration review tool, which enables assessing the security posture of cloud
        environments. Using the APIs exposed by cloud providers, Scout gathers configuration data for manual inspection and 
        highlights risk areas. Rather than pouring through dozens of pages on the web consoles, Scout provides a clear view of 
        the attack surface automatically.
        
        Scout Suite is stable and actively maintained, but a number of features and internals may change. As such, please bear 
        with us as we find time to work on, and improve, the tool. Feel free to report a bug with details (please provide 
        console output using the `--debug` argument), request a new feature, or send a pull request.
        
        **Note:**
        
        The latest (and final) version of Scout2 can be found in <https://github.com/nccgroup/Scout2/releases> and
        <https://pypi.org/project/AWSScout2>.
        
        Further work is not planned for Scout2. Fixes for the issues currently opened will be implemented in Scout Suite.
        
        ### Support
        
        The following cloud providers are currently supported/planned:
        
        -   Amazon Web Services
        -   Google Cloud Platform (beta)
        -   Azure (early alpha)
        
        ## Installation
        
        Install via `pip`:
        
            $ pip install scoutsuite
        
        Install from source:
        
            $ git clone https://github.com/nccgroup/ScoutSuite
            $ cd ScoutSuite
            $ virtualenv -p python3 venv
            $ source venv/bin/activate
            $ pip install -r requirements.txt
            $ python Scout.py --help
        
        ## Requirements
        
        ### Computing resources
        
        Scout Suite is a multi-threaded tool that fetches and stores your cloud account's configuration settings in memory 
        during runtime. It is expected that the tool will run with no issues on any modern laptop or equivalent VM. **Note** 
        that running Scout Suite in a VM with limited computing resources such as an AWS t2.micro instance is not intended 
        may result in the process being killed.
        
        ### Python
        
        Scout Suite is written in Python and supports the following versions:
        
        -   2.7
        -   3.4
        -   3.5
        -   3.6
        -   3.7
        
        The required libraries can be found in the
        [requirements.txt](https://github.com/nccgroup/ScoutSuite/blob/master/requirements.txt) file.
        
        ### Credentials
        
        #### Amazon Web Services
        
        To run Scout against an AWS account, you will need valid AWS credentials (i.e. Access Key ID and Secret Access Key).
        
        The following AWS Managed Policies can be attached to the principal used to run Scout in order to grant the necessary 
        permissions:
        
        -   ReadOnlyAccess
        -   SecurityAudit
        
        #### Google Cloud Platform
        
        There are two ways to run Scout against a GCP Organization or Project.
        
        1.  User Account
            1.  Configure the cloud shell to use the appropriate User Account credentials (`gcloud init` command to use a new 
            account or `gcloud config set account <account>` to use an existing account)
            2.  Obtain access credentials to run Scout with: `gcloud auth application-default login`
            3.  Run Scout with the `--user-account` flag
        2.  Service Account
            1.  Generate and download service account keys in JSON format 
            (refer to <https://cloud.google.com/iam/docs/creating-managing-service-account-keys>)
            2.  Run Scout with the `--service-account` flag while providing the key file path with 
            `--key-file path/to/key_file.json`
        
        The following roles can be attached to the member used to run Scout in order to grant necessary permissions:
        
        - Viewer
        - Security Reviewer
        - Stackdriver Account Viewer
        
        #### Azure
        
        TODO
        
        ### Compliance
        
        #### AWS Acceptable Use Policy
        
        Use of Scout Suite does not require AWS users to complete and submit the AWS Vulnerability / Penetration Testing 
        Request Form. Scout Suite only performs API calls to fetch configuration data and identify security gaps, which is not 
        considered security scanning as it does not impact AWS' network and applications.
        
        #### Google Cloud Platform
        
        Use of Scout Suite does not require GCP users to contact Google to begin testing. The only requirement is that users 
        abide by the Cloud Platform Acceptable Use Policy and the Terms of Service and ensure that tests only affect projects 
        you onw (and not other customers’ applications).
        
        References:
        - https://cloud.google.com/terms/aup
        - https://cloud.google.com/terms/
        
        #### Azure
        
        TODO
        
        ### Usage
        
        The following command will provide the list of available command line options:
        
            $ python Scout.py --help
        
        For further details, checkout our Wiki pages at <https://github.com/nccgroup/ScoutSuite/wiki>.
        
        After performing a number of API calls, Scout will create a local HTML report and open it in the default browser.
        
        #### Amazon Web Services
        
        Using a computer already configured to use the AWS CLI, you may use Scout using the following command:
        
            $ python Scout.py --provider aws
        
        **Note:** EC2 instances with an IAM role fit in this category.
        
        If multiple profiles are configured in your .aws/credentials and .aws/config files, you may specify which credentials 
        to use with the following command:
        
            $ python Scout.py --profile <PROFILE_NAME>
        
        If you have a CSV file containing the API access key ID and secret, you may run Scout with the following command:
        
            $ python Scout.py --csv-credentials <CREDENTIALS.CSV>
        
        #### Google Cloud Platform
        
        Using a computer already configured to use gcloud command-line tool, you may use Scout using the following command:
        
            $ python Scout.py --provider gcp --user-account
            
        To run Scout using Service Account keys, using the following command:
        
            $ python Scout. --provider gcp --service-account --key-file </PATH/TO/KEY_FILE.JSON>
            
        To scan a GCP:
        - Organization, use the `organization-id <ORGANIZATION ID>` argument
        - Folder, use the `folder-id <FOLDER ID>` argument.
        - Project, use the `project-id <PROJECT ID>` argument 
        
        #### Azure
        
        TODO
Platform: UNKNOWN
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: Natural Language :: English
Classifier: License :: OSI Approved :: GNU General Public License v2 (GPLv2)
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Description-Content-Type: text/markdown
