CloudFox

Automating situational awareness for cloud penetration tests.

Introduction

CloudFox is an open-source command-line tool designed to enhance situational awareness during cloud penetration tests. It automates the process of identifying exploitable attack paths in cloud infrastructures by answering key questions such as:

  • What regions is this AWS account using and how many resources are there?
  • What secrets are found in EC2 userdata or service-specific environment variables?
  • What workloads have administrative permissions attached?
  • What actions/permissions does a specific principal have?
  • What endpoints/hostnames/IPs can be attacked from external/internal starting points?

Key Features:

  • Modular execution: Run one command at a time or use the 'all-checks' command for comprehensive analysis.
  • Designed to assist penetration testers with limited read-only permissions for efficient testing.
  • Integrates with AWS, Azure, and GCP, providing compatibility with multiple cloud platforms.
  • Custom logging for error analysis to understand what access is available based on provided credentials.

Benefits:

  • Helps security professionals gain valuable insights in unfamiliar cloud environments.
  • Streamlines manual penetration testing activities by providing necessary information quickly.
  • Encourages proactive security assessments through effective reconnaissance and enumeration methods.
