
CloudFox
Multi-account cloud security tool for AWS with real-time reporting and auto-remediation capabilities.
CloudFox Enhances Your Awareness
CloudFox helps you achieve situational awareness in unfamiliar cloud environments.
Open Source Command Line Tool for Penetration Testing
CloudFox is an open source command-line tool that helps penetration testers and other offensive security professionals identify exploitable attack paths in cloud infrastructure.
CloudFox helps you address the following common questions (and many more):
- Which regions is this AWS account utilizing, and approximately how many resources are present in the account?
- What sensitive information may be hidden in EC2 userdata or specific environment variables?
- Which workloads possess administrative permissions?
- What actions or permissions are available to this [principal]?
- Are there any role trusts that are excessively permissive or permit cross-account assumption?
- From an external starting point (public internet), what endpoints, hostnames, or IPs can I potentially target?
- From an internal starting point (assuming a breach within the VPC), what endpoints, hostnames, or IPs can I target?
- What filesystems might I be able to mount from a compromised resource located inside the VPC?
Demos, Examples, Walkthroughs
- Blog: Introducing: CloudFox
- Video: CloudFox + CloudFoxable: A Powerful Duo for Mastering the Art of Identifying and Exploiting AWS Attack Paths
- Video: Penetration Testing with CloudFox