Merge branch 'develop' of https://github.com/nccgroup/ScoutSuite into…

… nklauer/ec2-required-tags

.flake8

@@ -0,0 +1,23 @@
+[flake8]
+select =
+    E901,
+    E999,
+    F821,
+    F822,
+    F823
+statistics = True
+show-source = True
+max-line-length = 127
+max-complexity = 10
+exclude =
+    .git,
+    __pycache__,
+    docs/source/conf.py,
+    old,
+    build,
+    dist,
+    venv
+
+[pycodestyle]
+max_line_length = 127
+ignore = E501

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Create a report to help us improve Scout Suite!
+title: ''
+labels: bug, potential
+assignees: ''
+
+---
+
+**Describe the bug**
+
+Please provide:
+
+- A clear and concise description of what the bug is.
+- Console output using the `--debug` argument.
+- If possible, the errors JSON file generated at the end of execution (the CLI output will provide the path to this file). The file can be sent to <scoutsuite@nccgroup.com> to avoid including sensitive content in the GitHub issue.
+
+**To Reproduce**
+
+Please provide:
+
+- The **exact** CLI parameters used to run Scout Suite.
+- Any specific configuration within the cloud account which might have lead to the issue.
+
+**Additional context**
+
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,24 @@
+---
+name: Feature request
+about: Suggest an idea to improve Scout Suite!
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+
+Add any other context or screenshots about the feature request here.

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,25 @@
+# Description
+
+**Make sure the PR is against the `develop` branch (see [Contributing](https://github.com/nccgroup/ScoutSuite/blob/master/CONTRIBUTING.md)).**
+
+Please include a summary of the change(s) and which issue(s) it addresses. Please also include relevant motivation and context.
+
+Fixes # (issue)
+
+## Type of change
+
+Select the relevant option(s):
+
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] This change requires a documentation update
+
+## Checklist:
+
+- [ ] My code follows the style guidelines of this project
+- [ ] I have performed a self-review of my own code
+- [ ] I have commented my code, particularly in hard-to-understand areas
+- [ ] My changes generate no new warnings
+- [ ] I have added tests that prove my fix is effective or that my feature works (optional)
+- [ ] New and existing unit tests pass locally with my changes

.travis.yml

@@ -6,31 +6,37 @@ sudo: false
 python:
   - "3.5"
   - "3.6"
+  - "3.7"
+  - "3.8"
 
 matrix:
   include:
     - python: "3.7"
       dist: xenial    # required for Python 3.7 (travis-ci/travis-ci#9069)
       sudo: required  # required for Python 3.7 (travis-ci/travis-ci#9069)
+    - python: "3.8"
+      dist: bionic
+      sudo: required
 
 install:
   - pip install -U setuptools
   - pip install -r requirements.txt
   - pip install flake8
   - pip install coveralls
   - pip install codecov
+  - pip install autopep8
 
 before_script:
   # Stop the build if there are Python syntax errors or undefined names
-  - flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics
-  # Exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
-  - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+  - flake8 .
+  - autopep8 --diff --recursive --max-line-length 127 .
 
 # Command to run tests
 script:
   - nosetests --with-coverage tests/test-utils.py
   - nosetests --with-coverage tests/test-core.py
   - nosetests --with-coverage tests/test-output.py
+  - nosetests --with-coverage tests/test-utils-conditions.py
   #  - 'nosetests tests/test-listall.py'
   #  - 'nosetests tests/test-rulesgenerator.py'
   #  - 'nosetests tests/test-utils.py'

README.md

@@ -9,99 +9,41 @@
 [![CodeCov](https://codecov.io/gh/nccgroup/ScoutSuite/branch/master/graph/badge.svg)](https://codecov.io/gh/nccgroup/ScoutSuite)
 [![Total alerts](https://img.shields.io/lgtm/alerts/g/nccgroup/ScoutSuite.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/nccgroup/ScoutSuite/alerts/)
 [![PyPI version](https://badge.fury.io/py/ScoutSuite.svg)](https://badge.fury.io/py/ScoutSuite)
+[![PyPI downloads](https://img.shields.io/pypi/dm/scoutsuite)](https://img.shields.io/pypi/dm/scoutsuite)
 
 ## Description
 
-Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud 
-environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection 
-and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear 
-view of the attack surface automatically.
+Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.
 
-Scout Suite is stable and actively maintained, but a number of features and internals may change. As such, please bear
-with us as we find time to work on, and improve, the tool. Feel free to report a bug with details (please provide
-console output using the `--debug` argument), request a new feature, or send a pull request.
+Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time security-oriented view of the cloud account it was run in. Once the data has been gathered, all usage may be performed offline.
 
 The project team can be contacted at <scoutsuite@nccgroup.com>.
 
-**Note:**
+### Cloud Provider Support
 
-The latest (and final) version of Scout2 can be found in <https://github.com/nccgroup/Scout2/releases> and
-<https://pypi.org/project/AWSScout2>. Further work is not planned for Scout2. Fixes will be implemented in Scout Suite.
-
-### Support
-
-The following cloud providers are currently supported/planned:
+The following cloud providers are currently supported:
 
 - Amazon Web Services
 - Microsoft Azure
 - Google Cloud Platform
 - Alibaba Cloud (alpha)
 - Oracle Cloud Infrastructure (alpha)
 
-### Installation
+## Installation
 
 Refer to the [wiki](https://github.com/nccgroup/ScoutSuite/wiki/Setup).
 
-## Compliance
-
-### AWS
-
-Use of Scout Suite does not require AWS users to complete and submit the AWS Vulnerability / Penetration Testing
-Request Form. Scout Suite only performs API calls to fetch configuration data and identify security gaps, which is not
-considered security scanning as it does not impact AWS' network and applications.
-
-### Azure
-
-Use of Scout Suite does not require Azure users to contact Microsoft to begin testing. The only requirement is that
-users abide by the Microsoft Cloud Unified Penetration Testing Rules of Engagement.
-
-References:
-- https://docs.microsoft.com/en-us/azure/security/azure-security-pen-testing
-- https://www.microsoft.com/en-us/msrc/pentest-rules-of-engagement
-
-### Google Cloud Platform
-
-Use of Scout Suite does not require GCP users to contact Google to begin testing. The only requirement is that users
-abide by the Cloud Platform Acceptable Use Policy and the Terms of Service and ensure that tests only affect projects
-you own (and not other customers' applications).
-
-References:
-- https://cloud.google.com/terms/aup
-- https://cloud.google.com/terms/
-
 ## Usage
 
-The following command will provide the list of available command line options:
-
-    $ python scout.py --help
-
-You can also use this to get help on a specific provider:
-
-    $ python scout.py PROVIDER --help
-
-For further details, checkout our Wiki pages at <https://github.com/nccgroup/ScoutSuite/wiki>.
-
-After performing a number of API calls, Scout will create a local HTML report and open it in the default browser.
-
-Also note that the command line will try to infer the argument name if possible when receiving partial switch. For
-example, this will work and use the selected profile:
-
-    $ python scout.py aws --profile PROFILE
-
-### Credentials
-
-Assuming you already have your provider's CLI up and running you should have your credentials already set up and be able to run Scout Suite by using one of the following commands. If that is not the case, please consult the wiki page for the provider desired.
-
-#### [Amazon Web Services](https://github.com/nccgroup/ScoutSuite/wiki/Amazon-Web-Services)
-
-    $ python scout.py aws
+Scout Suite is run through the CLI:
 
-#### [Azure](https://github.com/nccgroup/ScoutSuite/wiki/Azure)
+![Running Scout Suite](https://user-images.githubusercontent.com/13310971/78389085-22659d00-75b0-11ea-9f22-ea6fcaa6a1cd.gif)
 
-    $ python scout.py azure --cli
+Once this has completed, it will generate an HTML report including findings and Cloud account configuration:
 
-#### [Google Cloud Platform](https://github.com/nccgroup/ScoutSuite/wiki/Google-Cloud-Platform)
+![Scout Suite Report](https://user-images.githubusercontent.com/13310971/77861662-342bf680-71e4-11ea-8eed-ccaeb78c5f45.gif)
 
-    $ python scout.py gcp --user-account
+The above report was generated by running Scout Suite against https://github.com/nccgroup/sadcloud.
 
-Additional information can be found in the [wiki](https://github.com/nccgroup/ScoutSuite/wiki).
+Additional information can be found in the [wiki](https://github.com/nccgroup/ScoutSuite/wiki). 
+There are also a number of handy [tools](https://github.com/nccgroup/ScoutSuite/tree/master/tools) for automation of common tasks.

ScoutSuite/__init__.py

@@ -1,5 +1,5 @@
 __author__ = 'NCC Group'
-__version__ = '5.6.0'
+__version__ = '5.9.0'
 
 ERRORS_LIST = []