Cloud Security

CloudHunter is a potent reconnaissance tool for discovering and investigating security vulnerabilities in cloud storage buckets across providers. The tool's objective is to identify and display the permissions for potentially problematic buckets, giving users important information about the security of cloud storage setups.

CloudEnum is a versatile multi-cloud OSINT (Open-source intelligence) tool designed to enumerate public resources in popular cloud service providers such as AWS (Amazon Web Services), Azure (Microsoft Azure), and Google Cloud Platform (GCP). This tool aids in discovering various resources within these cloud environments, providing valuable insights into potential security vulnerabilities.

Barq is a post-exploitation framework designed to carry out assaults on a live Amazon infrastructure. Targeting live EC2 instances is made simpler by not requiring the original instance SSH keypairs.Additionally, AWS's secret and parameter storage may be listed and extracted using Barq.

An open-source programme called BlobHunter is used to search Azure blob storage accounts for publicly available blobs. BlobHunter, a vital tool for locating improperly configured containers hosting sensitive data within Azure subscriptions, was created as a component of the "Hunting Azure Blobs Exposes Millions of SensitiveFiles" investigation.

Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, and Linode are a few of the major cloud service providers. A powerful tool for identifying a company's (target) infrastructure, data, and software on these platforms is called CloudBrute. This tool is helpful for bug bounty hunters, red teams, and penetration testers who are trying to identify and assess cloud-based vulnerabilities.

A useful tool for examining Amazon Web Services (AWS) infrastructures is called CloudMapper. CloudMapper currently supports a wide range of functions, including audits for security concerns. It was first developed for creating network diagrams. Although the network visualisation functionality (command prepare) is no longer supported, the tool is still developing and getting new capabilities.

The open-source Scout Suite multi-cloud security auditing tool is intended to evaluate the security status of cloud systems. It collects configuration information from cloud providers using their open APIs, enabling security consultants and auditors to manually review systems and spot any security vulnerabilities. Scout Suite provides a clear, automated picture of the attack surface rather than browsing via online interfaces.

To assist penetration testers and offensive security specialists in becoming situationally aware in novel cloud environments, the open-source CloudFox command-line tool was developed. It assists in identifying weak attack vectors in cloud infrastructure by replying to several questions about the configuration and security posture of the cloud environment.

AWS exploitation framework Pacu is open-source and developed for offensive security testing against cloud systems. Pacu, which Rhino Security Labs created and maintains, enables penetration testers to take advantage of configuration bugs in an AWS account. It uses modules to quickly increase the capability of its system, making a variety of attacks possible, such as user privilege escalation, IAM user backdooring, Lambda function exploitation, and others.

Prowler is an open-source security tool made for doing assessments, audits, incident response, continuous monitoring, hardening, and forensics ready for AWS, GCP, and Azure security best practises.It has a large number of controls that cover many compliance frameworks, including ENS (Spanish National Security Scheme), CIS, NIST 800, NIST CSF, CISA, RBI, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, and AWS Well-Architected Framework Security Pillar.

An open-source project called CloudSploit by Aqua enables the identification of security concerns in cloud infrastructure accounts, such as those for GitHub, Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Oracle Cloud Infrastructure (OCI). These programmes provide a long list of possible security flaws and setup errors.