Home
CloudFox helps you gain situational awareness in unfamiliar cloud environments. It's an open-source command-line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure. CloudFox uses a modular approach, which simplifies use and development and makes the tool less prone to dependency issues. It currently supports AWS, Azure, and GCP.
Usage Guides
Supported Cloud Providers
| Provider | Commands | Status |
|---|---|---|
| AWS | 34 | Stable |
| Azure | 4 | Active Development |
| GCP | 58 | Stable |
Installation
Binary Install
Download the latest release for your platform.
Homebrew
Install from source
Install Go, clone the tool's repository, and compile from source:
# git clone https://github.com/BishopFox/cloudfox.git
...omitted for brevity...
# cd ./cloudfox
# go build .
Quick Start
AWS
# Run all checks against a profile
cloudfox aws --profile my-profile all-checks
# Run a specific command
cloudfox aws --profile my-profile instances
Azure
# Run a specific command against a subscription
cloudfox azure --subscription SUBSCRIPTION_ID vms
GCP
# Run a specific command against a project
cloudfox gcp --project my-project instances
# Run against all projects in a folder
cloudfox gcp --folder FOLDER_ID buckets
# Run against all projects in an organization
cloudfox gcp --organization ORG_ID whoami
# Run against a list of projects
cloudfox gcp -l projects.txt all-checks
# Use flat output instead of hierarchical
cloudfox gcp --project my-project --flat instances
Output Structure: GCP commands write their output to a hierarchical directory structure that mirrors your org/folder/project hierarchy. See GCP Commands - Output Structure for details.
How To Contribute
Request new features/commands
Request a new feature by opening an issue on GitHub or by using GitHub's discussions board.
Submit new features/commands
- Fork the CloudFox repository
- Make your changes
- Submit a pull request
For questions, please create an issue.