Introduction
Scout Suite is an open source security audit tool for cloud cluster environment, mainly for the security status of cloud environment. By using the API exposed by the cloud service provider, Scout Suite can collect configuration data from high security risk areas for manual audit by researchers. It is worth mentioning that Scout Suite can automatically present a clear and detailed attack surface overview to researchers after completing a security audit, without the need for researchers to browse the complicated Web console information.
Steps
- Install Python
- Install Azure CLI
- Clone the ScoutSuite github repository
$ git clone https://github.com/nccgroup/ScoutSuite
$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python scout.py --help
4.Running
pip install azure-cli
command in Power Shell
5.Running
az login
command and the system prompt to authenticate your Azure Subscription
6.Navigate to the ScoutSuite folder
cd .\ScoutSuite
7.Running
python scout.py azure --cli
command
8.The Report will generated in the web page.