New module: AWS Credentials Finder#455
Conversation
…ndows and linux systems.
|
Looks really cool, thanks for the PR! |
|
@dev-fortress really sorry for the late response. Are you sure you pushed your latest changes? In the PR is no logging statement or something similar that would print the output of your module as in your screenshot. Also command execution is only available with |
|
@dev-fortress any update? I could quickly patch in some output function for the gathered data, but that might not be all you planned on doing or have done locally. |
|
@NeffIsBack Sorry, I didn’t see your response earlier. In my initial test, I didn’t need to log the response in any function. Perhaps something has changed and now requires some adjustments. Please give me some time to review it and see what I can do. |
No worries, take your time. Maybe just an |
Added context.log.highlight() to the module Signed-off-by: Braiant Giraldo <33358096+dev-fortress@users.noreply.github.com>
|
Added context.log.highlight() to the module |
63e4465 to
ef7e974
Compare
|
Fyi, fixed winrm execution to be able to use it in modules |
|
In theory this looks good now. However checking for |
|
Gonna reping @dev-fortress in case you missed the notification 👀 |
|
I will do it, I think how i can filter the false positive |
Refined AWS credentials detection: updated both Bash and PowerShell scripts to search only for files named 'credentials' that contain the keyword 'aws', which is consistently present in relevant AWS configuration files. Removed 'config' from the scope after confirming it contains no useful information. Also suppressed 'permission denied' errors in the Bash script for cleaner output during scans. Signed-off-by: Braiant Giraldo <33358096+dev-fortress@users.noreply.github.com>
|
Hi, I’ve just made some updates to the credential detection script: Both the Bash and PowerShell versions now target only files named The commit is ready for review. Let me know if you have any feedback! |
This reverts commit fc0c615.
|
@dev-fortress careful when merging in changes from remote. I believe you rebased your changes (at least that is what it looks like) because of merge conflicts, but that reverted all previous changes i made. TLDR; never rebase -> always merge and resolve conflicts with the editor of your choice I reverted the commit and applied your changes manually. |
|
Thanks! Sorry about all the changes — I’m not a developer by trade and still learning Git, but I’m committed to getting better at it. Really appreciate you merging into main! |
No worries! Just for the future :) |




This pull request introduces a new module that searches for files named "credentials" and "config" on remote servers and returns their file paths. At the moment, this module works on Linux and Windows remote servers.
Features:
Why this module is useful:
Future Plans:
*.config,*.key) for more comprehensive scanning.Please let me know if there are any improvements or additional requirements to get this merged. Thank you for considering this contribution!