CloudFox, an open source tool from cybersecurity company Bishop Fox that helps find exploitable attack paths in cloud infrastructure, has been released.
CloudFox is a command line tool built for penetration testers and other offensive security professionals. Its collection of enumeration commands makes it simple to use even for those who are just getting started with cloud pentesting. The tool currently supports AWS, and Bishop Fox intends to add support for Microsoft Azure, Google Cloud Platform, and Kubernetes.
The tool can show which regions the AWS account uses, how many resources exist in common services, what sensitive information is hidden in EC2 user data, what permissions the principal has, which endpoints or IPs are exposed, and which file systems can be mounted from a compromised resource inside the VPC.
“CloudFox is designed to be executed by a principal with limited read-only permissions, but its purpose is to help you find attack paths that can be exploited in simulated compromise scenarios (aka, objective based penetration testing),” Bishop Fox explained.
“There are a lot of tools that help you analyze cloud environments, but many of them are more focused on security baseline compliance rather than attack paths. We hope you find that CloudFox can automate the boring stuff and help you identify and exploit latent attack paths more quickly and comprehensively,” said Seth Art, principal security consultant at Bishop Fox.
You may access the CloudFox source code on GitHub.