-
Notifications
You must be signed in to change notification settings - Fork 222
Home
CloudFox helps you gain situational awareness in unfamiliar cloud environments. It's an open source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. CloudFox uses a modular approach, which facilitates user experience, development, and is less prone to dependency issues. It currently supports AWS, Azure, and GCP.
| Provider | Commands | Status |
|---|---|---|
| AWS | 34 | Stable |
| Azure | 4 | Active Development |
| GCP | 58 | Stable |
Download the latest release for your platform.
brew install cloudfoxInstall Go, clone the tool's repository and compile from source
# git clone https://github.com/BishopFox/cloudfox.git
...omitted for brevity...
# cd ./cloudfox
# go build .
# Run all checks against a profile
cloudfox aws --profile my-profile all-checks
# Run a specific command
cloudfox aws --profile my-profile instances# Run a specific command against a subscription
cloudfox azure --subscription SUBSCRIPTION_ID vms# Run a specific command against a project
cloudfox gcp --project my-project instances
# Run against all projects in a folder
cloudfox gcp --folder FOLDER_ID buckets
# Run against all projects in an organization
cloudfox gcp --organization ORG_ID whoami
# Run against a list of projects
cloudfox gcp -l projects.txt all-checks
# Use flat output instead of hierarchical
cloudfox gcp --project my-project --flat instancesOutput Structure: GCP commands output to a hierarchical directory structure mirroring your org/folder/project hierarchy. See GCP Commands - Output Structure for details.
Request new features/commands
Request a new feature by opening an issue via GitHub, or using GitHub's discussions board
Submit new features/commands
- Fork the CloudFox repository,
- Make your changes
- Submit a pull request
For questions please create an issue.