Automic VaultAutomic Vault

brew

Install trailscraper with Homebrew

Tool to get valuable information out of AWS CloudTrail. Version 0.10.0 via Homebrew; verified 2026-05-15.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install trailscraper

local Homebrew formula metadata

overview

Package summary

Tool to get valuable information out of AWS CloudTrail

Commands and aliases

  • trailscraper

history

Project history and usage

TrailScraper is a small security-oriented command-line tool for extracting useful information from AWS CloudTrail and working with IAM policies. Its documented workflow centers on selecting or downloading CloudTrail records, then generating or extending IAM policy statements from the observed API activity.

Project history

The project presents itself as both a CloudTrail analysis tool and a general-purpose IAM policy toolbox. Its README documents Homebrew, pip, and container installation paths, and notes that container images from version 0.7.0 onward moved to GitHub Container Registry while older images remained on DockerHub.

Official release metadata shows TrailScraper continuing as a low-volume but maintained utility through the 2020s, with releases from the 0.5 series in 2018 through 0.10.0 at the end of 2025.

Adoption history

TrailScraper's adoption appears concentrated in AWS security and infrastructure workflows rather than broad developer use. The official README leads with `brew install trailscraper`, `pip install trailscraper`, and Docker examples, indicating that its audience is operators who want the tool available in local shells, CI jobs, or short-lived containers.

How it is used

The CLI is used to query CloudTrail directly, download CloudTrail logs from S3, filter downloaded records, and pipe selected records into policy generation. Its examples include account, region, organization-trail, time-window, and assumed-role filters, then show JSON IAM policy output.

Why package nerds care

For package-manager users, TrailScraper is notable as a focused AWS least-privilege helper that can be installed without cloning a security toolkit. Its Homebrew and container install paths make it convenient for ephemeral audits, Terraform-permission discovery, and shell pipelines around AWS credentials.

Timeline

  • 2018: Official GitHub releases include the 0.5 series.
  • 2021: The README notes that current container images starting with 0.7.0 are published on GitHub Container Registry.
  • 2025: Official GitHub releases list version 0.10.0.

Related projects

  • TrailScraper operates in the same AWS security niche as IAM policy generation, CloudTrail log analysis, and infrastructure-as-code permission discovery tools. Its README also points users to cfn-flip when they want generated policies converted from JSON to CloudFormation YAML.

security posture

Risk level: orange

infrastructure mutation or orchestration signal.

Risk classifier

orange risk · medium confidence · infrastructure

Why

  • infrastructure mutation or orchestration signal

Signals

  • text:cloud

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 8 platform targets.
  • Installs with 1 runtime dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.aws

executables

Installed executables

CommandKindExposureNote
trailscrapercliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version0.10.0
manager updated2026-05-15
local dataok
upstreamnot checked
latest detectednot detected

https://github.com/flosell/trailscraper

install metadata

Package metadata

Package keybrew:trailscraper
Version0.10.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/trailscraper
Homepagehttps://github.com/flosell/trailscraper
Repositoryhttps://github.com/flosell/trailscraper
Upstream docshttps://github.com/flosell/trailscraper#readme
LicenseApache-2.0
Source archivehttps://files.pythonhosted.org/packages/43/82/74344dd629ac17dc4b3906eb07a53a731c3ccc80913abdbbe378c658498f/trailscraper-0.10.0.tar.gz
Last updated2026-05-15T13:33:37Z
Pulseupdated
Dependenciespython@3.14
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sequoia, sonoma, tahoe, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nametrailscraper
Version Scheme0
Revision2
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • package relationship graph
  • package version freshness
  • package-page enrichment