mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-18 10:26:09 +00:00
Added CloudFox and CloudFoxable
This commit is contained in:
parent
53ec79abd0
commit
339a51cd0d
@ -35,6 +35,7 @@
|
||||
|
||||
## Training
|
||||
|
||||
* CloudFoxable: A Gamified Cloud Hacking Sandbox - https://cloudfoxable.bishopfox.com/
|
||||
* AWSGoat : A Damn Vulnerable AWS Infrastructure - https://github.com/ine-labs/AWSGoat
|
||||
* Damn Vulnerable Cloud Application - https://medium.com/poka-techblog/privilege-escalation-in-the-cloud-from-ssrf-to-global-account-administrator-fd943cf5a2f6
|
||||
* SadCloud - https://github.com/nccgroup/sadcloud
|
||||
@ -43,6 +44,17 @@
|
||||
|
||||
## Tools
|
||||
|
||||
* [CloudFox](https://github.com/BishopFox/CloudFox/) - Automating situational awareness for cloud penetration tests. Designed for white box enumeration (SecurityAudit/ReadOnly type permission), but can be used for black box (found credentials) as well.
|
||||
* Either Download the [latest binary release](https://github.com/BishopFox/cloudfox/releases) for your platform, or build it from source.
|
||||
```
|
||||
git clone https://github.com/BishopFox/cloudfox.git
|
||||
cd ./cloudfox
|
||||
go build .
|
||||
```
|
||||
|
||||
* Run all AWS checks: `cloudfox aws --profile [profile-name] all-checks`
|
||||
* List all AWS checks: `cloudfox aws`
|
||||
|
||||
* [SkyArk](https://github.com/cyberark/SkyArk) - Discover the most privileged users in the scanned AWS environment, including the AWS Shadow Admins
|
||||
* Requires read-Only permissions over IAM service
|
||||
```powershell
|
||||
|
Loading…
Reference in New Issue
Block a user