π¦ ClawHub
Cloud Misconfig Scanner
by @krishnakumarmahadevan-cmd
Automated security scanner for identifying and reporting misconfigurations across cloud infrastructure providers.
π‘ Examples
Sample Request:
{
"provider": "aws",
"credentials": {
"access_key_id": "AKIAIOSFODNN7EXAMPLE",
"secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1"
}
}
Sample Response:
{
"scan_id": "scan_1234567890",
"provider": "aws",
"status": "completed",
"timestamp": "2024-01-15T10:30:45Z",
"findings": [
{
"id": "MISCFG-001",
"severity": "high",
"category": "access_control",
"resource": "s3://my-bucket-prod",
"issue": "S3 bucket has public read access enabled",
"recommendation": "Update bucket policy to restrict public access",
"compliance_impact": ["PCI-DSS", "HIPAA"]
},
{
"id": "MISCFG-002",
"severity": "medium",
"category": "encryption",
"resource": "rds-instance-main",
"issue": "Database encryption at rest is disabled",
"recommendation": "Enable RDS encryption and rotate master key",
"compliance_impact": ["SOC2"]
}
],
"summary": {
"total_resources_scanned": 247,
"misconfiguration_count": 12,
"high_severity": 2,
"medium_severity": 5,
"low_severity": 5
}
}
TERMINAL
clawhub install cloud-misconfig-scanner