CloudJack
Assesses AWS accounts for subdomain hijacking via Route53/CloudFront
CloudJack
Assesses AWS accounts for subdomain hijacking via Route53/CloudFront
Founder & Fractional CISO
Not sure if CloudJack is right for your team?
Book a 60-minute strategy call with Nikoloz. You will get a clear roadmap to evaluate products and make a decision.
→Align tool selection with your actual business goals
→Right-sized for your stage (not enterprise bloat)
→Not 47 options, exactly 3 that fit your needs
→Stop researching, start deciding
→Questions that reveal if the tool actually works
→Most companies never ask these
→The costs vendors hide in contracts
→How to uncover real Total Cost of Ownerhship before signing
CloudJack Description
CloudJack is a vulnerability assessment utility that identifies subdomain hijacking vulnerabilities in AWS environments resulting from decoupled Route53 and CloudFront configurations. The tool detects two specific vulnerability scenarios: Route53 aliases that reference deleted CloudFront web distributions, and Route53 aliases that point to active CloudFront distributions with deleted CNAMEs. The tool operates by analyzing AWS Route53 hosted zones and CloudFront distributions to identify misconfigurations that could allow attackers to create matching CloudFront distributions or CNAMEs in their own accounts. This exploitation enables attackers to spoof the victim's web site content that would otherwise be accessed through the legitimate account. CloudJack requires AWS IAM credentials with specific permissions for Route53 ListHostedZones, ListResourceRecordSets, and CloudFront ListDistributions actions. The tool integrates with AWS CLI configurations stored in ~/.aws/credentials and supports multiple AWS profiles. It provides output in both text and JSON formats for integration with other security workflows. The utility is implemented in Python and uses the AWS SDK boto3 package. Both Python 2 and Python 3 versions are available. The tool is released under GPL-3.0 license and is available as an open source project on GitHub.
CloudJack FAQ
Common questions about CloudJack including features, pricing, alternatives, and user reviews.
CloudJack is Assesses AWS accounts for subdomain hijacking via Route53/CloudFront. It is a Vulnerability Management solution designed to help security teams with Subdomain Takeover, AWS Security, Vulnerability Assessment.
FEATURED
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
Fractional CISO services for B2B companies to build security programs
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
AI security assurance platform for red-teaming, guardrails & compliance
Real-time OSINT monitoring for leaked credentials, data, and infrastructure
