CFRipper¶
CFRipper is a Python tool that aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation scripts.
Developing¶
The project comes with a set of commands you can use to run common operations:
make install
: Installs run time dependencies.make install-dev
: Installs dev dependencies together with run time dependencies.make freeze
: Freezes dependencies fromsetup.py
torequirements.txt
(including transitive ones).make lint
: Runs static analysis.make coverage
: Runs all tests collecting coverage.make test
: Runslint
andcomponent
.
Contributing¶
See CONTRIBUTING.md file to add a contribution.
Attribution¶
Some of our rules were inspired by cfn-nag. We also use their example scripts in our test cases.