Scans for critical security risks including public S3 buckets, open security groups, over-permissive IAM policies, missing MFA, stale credentials, and publicly accessible databases.
Saves 4–6 hours
#security
#scan
#iam
#s3
#vpc
#rds
#audit
What this tool does
Checks S3 buckets for public access settings
Scans security groups for 0.0.0.0/0 rules
Audits IAM users for missing MFA and stale access keys
Checks for root account access key presence
Detects publicly accessible RDS instances
Reviews over-permissive IAM policies
What it creates
Security findings report (JSON) saved to S3
Remediation commands for each finding
Severity-ranked issue list
Related Tools