Following up on the open-source Cloud Responder topic I have just made the repository public.
There are a few things that are not fully complete yet; the documentation still needs some attention (thank you @raphabot for your help) and there are no unit tests yet. However, it is fully functional and I hope it will be easy for anyone to get started.
There are 5 out-of-the-box rules that are pre-configured:
- A non-compliant IAM user has been created (This rule comes with a remediation function)
- Root user has logged in
- A user has logged in outside of known IP addresses
- A user has logged in outside of regular working hours
- An unauthorized instance has been created (This rule comes with a remediation function)
There are 3 out-of-the-box actions:
- Send an email
- Send a Slack message with multiple configurable options such as titles or templates
How can you help?
There is definitely some documentation to be written, if you don’t understand an aspect of the tool, it is probably a very good starting point to ask questions and help by adding what you have learned as part of the documentation.
The project management section has lots of unsorted cards and has been a bit of a brain dump. It deserves a bit of polishing and organization. There are good TODO actions here.
With regards to that topic about how a non-tech person could help, the good news is that you don’t need to be a developer or full-on person to help with these 2 items
I’m keen to hear your feedback, meanwhile, stay tuned for more features to be added.