DEV Community

Eng Soon Cheah
Eng Soon Cheah

Posted on

ScoutSuite: A Security Audit Tool for Azure

Introduction

Scout Suite is an open source security audit tool for cloud cluster environment, mainly for the security status of cloud environment. By using the API exposed by the cloud service provider, Scout Suite can collect configuration data from high security risk areas for manual audit by researchers. It is worth mentioning that Scout Suite can automatically present a clear and detailed attack surface overview to researchers after completing a security audit, without the need for researchers to browse the complicated Web console information.

Steps

  1. Install Python
  2. Install Azure CLI
  3. Clone the ScoutSuite github repository ```

$ git clone https://github.com/nccgroup/ScoutSuite
$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python scout.py --help

4.Running ```pip

 install azure-cli

``` command in Power Shell
5.Running ```az

 login

``` command and the system prompt to authenticate your Azure Subscription
6.Navigate to the ScoutSuite folder ```cd

 .\ScoutSuite

Enter fullscreen mode Exit fullscreen mode

7.Running ```python

scout.py azure --cli

8.The Report will generated in the web page.
![Alt Text](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/2m28clsfsfu6rjg2rf6w.png)
![Alt Text](https://dev-to-uploads.s3.amazonaws.com/uploads/articles/chjphxk1essvletbhisx.png)

# Reference:
https://github.com/nccgroup/ScoutSuite

Enter fullscreen mode Exit fullscreen mode

Top comments (1)

Collapse
 
gopick555 profile image
rocking

Thanks for sharing.

I have followed above steps and successfully report genrated but the HTML file is not opening. can you please let me know how can I open it?

Image description