<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>

SkyArk - Helps To Discover Assess and Secure the Most Privileged Entities in Azure & AWS

12 Aug, 2020
SkyArk - Helps To Discover Assess and Secure the Most Privileged Entities in Azure & AWS

SkyArk is a cloud security project with two main scanning modules:>

  1. Azure Sleath: scan Azure environments.
  2. Aw Sleath: scan AW environments.

These two scanning modules will discover the most privileged entities in the target AWS and Azure. The module provides new valuable insights from cloud trail logs. Security teams can use the results file to investigate sensitive actions, discover the entities that look those action and reveal additional valuable details on each executed and logged actions.

The Main Goal Discover the Most Privileged Cloud Users:

SkyArk is focusing on mitigating the new threat of cloud shadow admins, and help the organizations to discover, assess and protect cloud privileged entities. Stealthy and undercover admins may reside in every public cloud platform and SkyArk helps mitigating the risk in AWS and Azure.

Background:

SkyArk deals with the new uprising threat of cloud shadow admins how attackers find and abuse non-trivial and so called limited permissions to still make it through and escalate their privileges and become full cloud admins. Furthermore attackers can easily use those tricky specific permissions to hide stealthy admin entities that will wait them as undercover persistence technique. SkyArk was initially published as a part of research on the threat of AWS shadow admins, this research was presented at RSA USA 2018 conference.

Tool Description:

SkyArk currently contain two main scanning module Azure stealth and AWS stealth. With the scanning results organizations can discover the entities that have more sensitive and risky permissions. Potential attackers are hunting for those and defensive teams should make sure this privileged users are well secured have strong, rotated and safety store credentials, being monitored carefully, etc. Remember that we cannot protect the things we don’t aware of and SkyArk helps in complex mission of discovering the most privileged cloud entities including the straight forward admins and also the stealthy shadow admins that could easily escalate their privileges and become full admin as well as.

1. Azure Stealth Scan:

Azure stealth is a PowerShell script that uses free Azure’s PowerShell modules, it requires PowerShell version 5.1+.

Azure Stealth Scan

How To Run It:

  1. Download/sync the locally the script file Azure Stealth .ps1.
  2. Open the PowerShell in the Azure stealth folder to run the script.
  3. Running the followings commands:
    1. Import-Module ./AzureS.
    2. Scan-Azure admins.
  4. Optional command:
    1. (-)Scan-Azure admins -UseC
    2. (-)Scan-Azure admins -GetP
  5. IF you encounter with Azure connections errors, you can manually connect to Azure and then run the scan:
    1. Import-Module ./AzureS.
    2. Connect-AzAccount.
    3. Connect-AzureAD.
    4. Scan-Azure admins -UseC.

2. Aws Stealth Scan:

SkyArk runs in PowerShell and uses free AWS PowerShell Module, you can download AWS tools for Windows PowerShell in advance:

Aws Stealth Scan

How To Run It:

Open the PowerShell SkyArk folder with running script permissions.

  1. If you want to use only AW Stealth from SkyArk tool:
    1. Import-Module ./AWStealth.ps1-.
  2. Perform AWStealth scan:
    1. Scan-AWShadowAdmins-accesskeyi.

Download the SkyArk Tool: https://github.com/cyberark/SkyArk

Other Hacking Tools

Explore All Hacking Tools »

Exclusive Blog

Read All Exclusive Blog »
A few tips for the perfect homework
A few tips for the perfect homework

With world working from home, it's time to make it enjoyable and effective.

Read Details

Breaking News

Breaking News Of Each Month »
Cyber Scam in the days of Coronavirus & Lockdown
Cyber Scam in the days of Coronavirus & Lockdown

The recent pandemic was unexpected and unknown to most part of the world. It has changed our life and we are slowly adapting to our new lifestyle. The risks associated with the new lifestyle, both personal & corporate, are unknown to most of us.

Read Details