Prowler – AWS Security Assessment tools

What is Prowler?

During my research on how to do an security assessment on the cloud infrastructure, i stumble with Prowler tools which been write by Toni de la Fuente Twitter. The origin of the “Prowler” is from a song on the late 1980’s which been sang by Iron Maiden debut album. Prowler is a tools where it been written for the AWS security assessment, auditing and hardening purpose. The tools is following the guidelines of the CIS Amazon Web Service Foundations Benchmark and it also performs an extra checking as well.

Prowler’s Function

This tools can done a few things such as the following:

  • A proper report with colourish/monochrome type
  • A CSV type of report format
  • Running a specific type of checks without having to run the entire report.
  • Possible to run and check multiple AWS accounts in parallel


First Step

Let’s go into business.

Firstly, we will need to download the tools from here by using .zip format.


You can download it using terminal where the command are git clone

Second Step

After finish download and install step, we will to install the awscli for those who dont have the awscli installed.

Later, we will need to use the command aws configure to key-in the input on the Key of the AWS access

You’re already to go when the aws configure is completed.

Final Step

Now, Let get start with the assessment

We will need to run the command such as ./prowler or ./ is depends on the installer format you get)

If need more help on the command, we can go for ./prowler -h

Source: Github: prowler and Savage Security Blog:Securing Your AWS Infrastructure Using Prowler

Author: Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *