Jenganizer is a tool to map hidden services in AWS. It does this by following the triggered events of a user's actions. When a user performs an action in AWS, it can trigger other events in other services. By following these events, users can identify services that are indirectly deployed by their actions. This can be important, as these resources can present security risks which should be managed and controlled.
Jenganizer is a tool to map hidden services in AWS. It does this by following the triggered events of a user's actions. When a user performs an action in AWS, it can trigger other events in other services. By following these events, users can identify services that are indirectly deployed by their actions. This can be important, as these resources can present security risks which should be managed and controlled.
You can install the package from pypi.org
pip install jenganizer
jenganizer --help
Usage: jenganizer [OPTIONS]
Options:
--username TEXT The username to filter events by [required]
--profile-name TEXT The AWS profile name to use
--region-name TEXT The AWS region name to use
--time-start TEXT The start time for the event filter, format: YYYY-MM-DD
HH:MM:SS+00:00
--time-end TEXT The end time for the event filter, format: YYYY-MM-DD
HH:MM:SS+00:00
--time-span TEXT The time span, in minutes, to filter, going back from
now (use this instead of time_start and time_end)
-d, --depth INTEGER The depth of triggered events to follow. Depth=0: only
initial calls by the user, Depth=1: initial calls and
calls triggered by the initial calls, etc.
-o, --output TEXT The output file to write the triggered events to
-v, --verbosity LVL Either CRITICAL, ERROR, WARNING, INFO or DEBUG
--help Show this message and exit.
The way to map hidden services is to perform the initial call to the service with a specific user for the action you
want to map, jenganizer will then follow the triggered events to find the resource indirectly deployed to other services.
In order to zoom in on the right events, you can use the --time-start and --time-end, or --time-span.
The --depth parameter is used to specify how many levels of triggered events to follow. Level 0 only looks at events
called directly from the user, level 1 looks at events called by the user and events called by the services used
by those events. Such an examination naturally highlights some false positive, so it is important to verify the results.
The results are printed to the console as a list of events, and a file
(default name: triggered_events.json) is written with the full events.
These events can be used to identify hidden services in AWS.
FAQs
Jenganizer is a tool to map hidden services in AWS. It does this by following the triggered events of a user's actions. When a user performs an action in AWS, it can trigger other events in other services. By following these events, users can identify services that are indirectly deployed by their actions. This can be important, as these resources can present security risks which should be managed and controlled.
We found that jenganizer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.