Home - SethBodine/audit-tools GitHub Wiki
Getting Started
audit-tools is a container image that bundles cloud security auditing tools into a single, consistent environment. Shell in, authenticate to your cloud provider, and run assessments without managing local dependencies.
Requirements
- Podman (or Docker)
- Cloud provider credentials
- Minimum 4GB RAM allocated to the container VM
Install Podman
macOS
xcode-select --install
brew install podman
Other operating systems
See the Podman Install Documentation.
Prepare Podman
podman machine init --now --cpus=4 --memory=4096 \
--timezone $(curl https://ipapi.co/timezone) --disk-size 50
All arguments are optional, but a minimum of 4GB RAM is recommended. Prowler can crash with less.
podman machine start # only required if --now was not used above
Start the Container
Mount ~/Documents as /output
tmp_fol=$(mktemp -d)
wget https://raw.githubusercontent.com/SethBodine/audit-tools/main/pm-init.sh -O ${tmp_fol}/pm-init.sh
bash ${tmp_fol}/pm-init.sh
Mount /tmp as /output
tmp_fol=$(mktemp -d)
wget https://raw.githubusercontent.com/SethBodine/audit-tools/main/pm-init.sh -O ${tmp_fol}/pm-init.sh
AUDIT_OUTPUT_DIR="/tmp" bash ${tmp_fol}/pm-init.sh
Saving Results
Most tools support writing output to a file. Direct output to /output so it is available outside the container after the session ends.
# Example - Prowler HTML report
prowler aws -M html -o /output
# Example - trivy JSON report
trivy filesystem . -f json -o /output/trivy-results.json
Browse Documentation
The wiki command lets you browse these docs without leaving your shell.
wiki # list all pages
wiki --prowler # jump to the Prowler page
wiki --search token # search across all pages
wiki --menu # interactive arrow-key browser
wiki --update # pull latest wiki from GitHub
Next Steps
- Set up cloud credentials - see Cloud Access and Permissions
- Authenticate via CLI - see Cloud Authentication via CLI
- Run a tool - use
wikior the sidebar to navigate to the relevant page