Perimeterator

Categories: Network & Cloud, Cloud Security

A security tool to identify interesting files in AWS S3 buckets

Perimeterator: A Small Project for Continuous Auditing

Perimeterator is a small project designed to enable continuous auditing of AWS services that are accessible over the internet.

Quick Deployment into AWS

This solution can be rapidly deployed into AWS and will regularly check for internet-facing IP addresses associated with several commonly misconfigured AWS resources.

Results from the Enumeration Process

The results from the enumeration process are placed into a work queue for scanning by external scanner 'workers', which identify open network services. Scanner 'workers' can be deployed in various locations and are specifically designed to operate within non-trusted networks. Their purpose is to simulate access to services as if it were coming from the 'general internet'.

Currently, the following AWS resource types are supported: EC2, ELB, ELBv2, RDS, and ES.

All communication between Perimeterator components is conducted asynchronously using AWS SQS queues.

Demo

Getting Started / Deployment

Perimeterator requires several components to function effectively.

Getting Started with Terraform Configurations

To facilitate a smooth start, several Terraform configurations have been included in the terraform/ directory. For initial setup instructions, please refer to the terraform/README.md file.

Components

Perimeterator consists of multiple components due to its distributed architecture. Below is a brief overview of each component:

* Scanner: This component scans IP addresses to identify open network services.
* Worker: This component processes work items from the SQS queue.
* SQS Queue: This is used for communication between the various components.
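The following is an added example, not Perimeterator's own code, showing the producer/consumer pattern the page describes: enumerate internet-facing EC2 and RDS endpoints from boto3-shaped API responses, publish one SQS work item per endpoint, and have a worker long-poll the queue and delete a message only after its handler succeeds, so a crashed worker's item becomes visible again after the visibility timeout. The function names, the JSON work-item format, the sample API responses and the in-memory `FakeSQS` stand-in for the boto3 SQS client are all assumptions made so the example runs offline; the `send_message`, `receive_message` and `delete_message` calls are the real boto3 client methods.

```python
"""Added example (not part of Perimeterator): enumeration -> SQS work queue -> worker.
Response dict shapes follow boto3's describe_instances / describe_db_instances."""
import json
import uuid


def public_endpoints(ec2_response, rds_response):
    """Collect internet-facing endpoints from EC2 and RDS describe responses."""
    endpoints = []
    for reservation in ec2_response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            ip = inst.get("PublicIpAddress")
            if ip:  # instances without a public IPv4 are not internet-facing
                endpoints.append({"service": "ec2", "id": inst["InstanceId"], "target": ip})
    for db in rds_response.get("DBInstances", []):
        if db.get("PubliclyAccessible"):  # private-only databases are skipped
            endpoints.append({"service": "rds", "id": db["DBInstanceIdentifier"],
                              "target": db["Endpoint"]["Address"],
                              "port": db["Endpoint"]["Port"]})
    return endpoints


def enqueue(sqs, queue_url, endpoints):
    """Publish one JSON work item per endpoint; returns the SQS message ids."""
    return [sqs.send_message(QueueUrl=queue_url, MessageBody=json.dumps(ep))["MessageId"]
            for ep in endpoints]


def work(sqs, queue_url, handler, max_batches=10):
    """Worker loop: long-poll, run handler, delete only on success.
    A failed item is left in the queue and redelivered after the visibility timeout."""
    results = []
    for _ in range(max_batches):
        resp = sqs.receive_message(QueueUrl=queue_url, MaxNumberOfMessages=10,
                                   WaitTimeSeconds=20)
        messages = resp.get("Messages", [])  # key is absent when the queue is empty
        if not messages:
            break
        for msg in messages:
            item = json.loads(msg["Body"])
            try:
                results.append(handler(item))
            except Exception:
                continue  # no delete: SQS will make the message visible again
            sqs.delete_message(QueueUrl=queue_url, ReceiptHandle=msg["ReceiptHandle"])
    return results


class FakeSQS:
    """Constructed in-memory stand-in for boto3's SQS client (assumption for offline use)."""
    def __init__(self):
        self.queue = []

    def send_message(self, QueueUrl, MessageBody):
        mid = str(uuid.uuid4())
        self.queue.append({"MessageId": mid, "Body": MessageBody,
                           "ReceiptHandle": "rh-" + mid, "invisible": False})
        return {"MessageId": mid}

    def receive_message(self, QueueUrl, MaxNumberOfMessages=1, WaitTimeSeconds=0):
        visible = [m for m in self.queue if not m["invisible"]][:MaxNumberOfMessages]
        for m in visible:
            m["invisible"] = True  # emulate the visibility timeout
        if not visible:
            return {}
        return {"Messages": [{k: m[k] for k in ("MessageId", "Body", "ReceiptHandle")}
                             for m in visible]}

    def delete_message(self, QueueUrl, ReceiptHandle):
        self.queue = [m for m in self.queue if m["ReceiptHandle"] != ReceiptHandle]


# Constructed sample responses (documentation-range addresses, made-up identifiers).
SAMPLE_EC2 = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0example1", "PublicIpAddress": "203.0.113.10"},
    {"InstanceId": "i-0example2"},  # private only
]}]}
SAMPLE_RDS = {"DBInstances": [
    {"DBInstanceIdentifier": "db-public", "PubliclyAccessible": True,
     "Endpoint": {"Address": "db-public.example.invalid", "Port": 5432}},
    {"DBInstanceIdentifier": "db-private", "PubliclyAccessible": False,
     "Endpoint": {"Address": "db-private.example.invalid", "Port": 5432}},
]}


def demo(handler=lambda item: item["target"]):
    """Run the whole exchange against the fake queue; returns the handler results."""
    sqs = FakeSQS()
    url = "https://sqs.example.invalid/queue"  # placeholder, not a real queue URL
    enqueue(sqs, url, public_endpoints(SAMPLE_EC2, SAMPLE_RDS))
    return work(sqs, url, handler)


if __name__ == "__main__":
    print(demo())
```

The handler is injected so the same loop serves any scanner: in a real deployment it would receive the target from the worker's non-trusted vantage point and return what it observed, while the delete-on-success rule is what keeps an item from being lost if a worker dies mid-scan.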