CloudFox Logo

CloudFox

0
Free
Visit Website

CloudFox helps you gain situational awareness in unfamiliar cloud environments. It’s an open source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. CloudFox helps you answer the following common questions (and many more): - What regions is this AWS account using and roughly how many resources are in the account? - What secrets are lurking in EC2 userdata or service specific environment variables? - What workloads have administrative permissions attached? - What actions/permissions does this [principal] have? - What role trusts are overly permissive or allow cross-account assumption? - What endpoints/hostnames/IPs can I attack from an external starting point (public internet)? - What endpoints/hostnames/IPs can I attack from an internal starting point (assumed breach within the VPC)? - What filesystems can I potentially mount from a compromised resource inside the VPC? Demos, Examples, Walkthroughs Blog - Introducing: CloudFox Video - CloudFox + CloudFoxable A Powerful Duo for Mastering the Art of Identifying and Exploiting AWS Attack Paths Video - Penetration Testing with CloudFox

FEATURES

ALTERNATIVES

Stay up-to-date on the latest trends and developments in AWS Cloud Security with this weekly digest newsletter.

A tool for building Open Container Initiative (OCI) container images with various functionalities.

AWS serverless cloud security tool for parsing and alerting on CloudTrail logs using EQL.

Learn how to secure applications in Kubernetes Engine by granting varying levels of privilege based on requirements.

Cloud security platform that provides configuration monitoring, compliance management, and security analysis across multi-cloud environments.

Commercial

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial

An open source cloud security platform for discovering, prioritizing, and remediating risks in the cloud.

Cloud Security Suite (cs-suite) - Version 3.0 Usage for cloud security audits on AWS, GCP, Azure, and DigitalOcean.

PINNED