You can now import targets directly from your AWS environment. Depending on the access level of the provided AWS keys, Pentest-Tools.com imports the following:
-
Public EC2 IPs
-
Private EC2 IPs
-
S3 bucket URLs
Here's how to set up the integration:
-
Ensure you have an IAM user with permission to access the targets you wish to import. For guidance, refer to the AWS documentation on managing IAM users. However, the key permissions we require are:
AmazonEC2ReadOnlyAccess
andAmazonS3ReadOnlyAccess
-
Navigate to the Integrations page in the Pentest-Tools platform.
-
Select AWS Integration and click Add to register an AWS account.
-
Enter the required details for the integration.
Once everything is configured, confirm the addition.
If the integration is successful, you can start importing assets into the workspace of your choice. Use the dedicated Import button in the Assets section to complete the process.
Now that your assets are imported, consider using automation features to streamline your workflow.
You can:
-
schedule bulk scans to assess multiple targets efficiently,
-
monitor IPs for open ports to track changes in your attack surface, or
-
set up scan diff monitoring to quickly detect new vulnerabilities or configuration changes.
These tools help you stay proactive and manage risks effectively.