CFRipper is a Python tool that aims to prevent vulnerabilities from getting to production infrastructure through vulnerable CloudFormation scripts.
The project comes with a set of commands you can use to run common operations:
make install: Installs run time dependencies.
make install-dev: Installs dev dependencies together with run time dependencies.
make freeze: Freezes dependencies from
requirements.txt(including transitive ones).
make lint: Runs static analysis.
make coverage: Runs all tests collecting coverage.
make test: Runs
See CONTRIBUTING.md file to add a contribution.
Some of our rules were inspired by cfn-nag. We also use their example scripts in our test cases.