CloudSecPen is a security penetration testing framework designed for both Azure and AWS environments. This tool provides a user-friendly menu interface to facilitate the enumeration, information gathering, lateral movement, privilege escalation, exploitation, and credential attacks on cloud infrastructures. It integrates multiple third-party tools, allowing security professionals to perform in-depth security assessments with ease.
-
Email Enumeration
-
Cloud Resource Enumeration
- Azure AD Interaction and Assessment
- ROADtools: GitHub
-
Azure Object Graphing
- Stormspotter: GitHub
-
Privilege Entity Discovery
- SkyArk: GitHub
-
Vulnerability Scanning
- omigood: GitHub
- Privilege Escalation Tools
- AzureADLateralMovement: GitHub
-
Script-Based Exploitation
- MicroBurst: GitHub
-
Exploitation via Teams
- Microsoft-Teams-GIFShell: GitHub
-
Password Spraying
-
MFA and Credential Dumping
- pacu: GitHub
- aws-vault: GitHub
-
Clone the repository: git clone https://github.com/yourusername/cloudsecpen.git cd cloudsecpen
-
Install dependencies: python3 dependencies.py
-
Run the script: python3 main.py
-
Follow the menu prompts to select the desired cloud environment (Azure or AWS) and the specific tool or action you want to perform.
The project includes dependencies for various tools used in the enumeration, information gathering, lateral movement, privilege escalation, exploitation, and credential attacks. Ensure you have git, pip, and go installed for managing dependencies.
Contributions are welcome! Please open an issue or submit a pull request for any improvements or bug fixes.
This project is licensed under the MIT License. See the LICENSE file for details.
Author: Luka Bayer
Version: 1.0/Beta
Date: 06/2024