Skip to content

Resources

Enum

Tool Description
UpdateCloudIPs
cloud_enum
  • Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and GCP
  • Usage: python cloudenum.py -k keyword
cloud-service-enum
  • Cloud Services Enumeration
cloudlist
  • Obtain public assets (hostnames, IPs)

Exploitation

Tool Description
GCP BucketBrute
  • Enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated
  • Usage: $ python3 gcpbucketbrute.py -k <KEYWORD> -f <sa-priv-key.pem> -o ./out.txt
CCAT
  • Cloud Container Attack Tool (CCAT)
  • A tool for testing security of container environments (ECS, EKS, and ECR)
PrivEscScanner
  • Scan your project hierarchy for all permissions granted to all members, then check for privilege escalation vulnerabilities