CloudFox is an open-source command-line tool created for penetration testers and offensive security professionals who need to understand an unfamiliar cloud environment. It helps identify exploitable attack paths in cloud infrastructure and answers common questions about the configuration and security status of that environment.
Features
Cloud Provider Support:
- AWS
- Azure
White Box Enumeration:
· Designed to be executed by a principal with limited read-only permissions.
· Helps find attack paths that can be exploited in simulated compromise scenarios.
Black Box Enumeration:
· Can be used with "found" credentials to check for access silently.
· Fails silently, and any data returned means the "found" credentials have the necessary access.
Features
· List active access keys.
· List buckets and inspect them further.
· List CloudFormation stacks and generate loot files.
· List ECS tasks and associated details.
· Enumerate endpoints from various services.
· Grab environment variables from supported services.
· Enumerate EFS and FSx filesystems.
· IAM simulation for policy evaluation.
· Enumerate useful information for EC2 instances.
Install
Demos, Examples, Walkthroughs
Video - Tool Talk: CloudFox AWS sub-command walkthroughs