Code Monkey home page Code Monkey logo

cloudsecpen's Introduction

CloudSecPen

CloudSecPen is a security penetration testing framework designed for both Azure and AWS environments. This tool provides a user-friendly menu interface to facilitate the enumeration, information gathering, lateral movement, privilege escalation, exploitation, and credential attacks on cloud infrastructures. It integrates multiple third-party tools, allowing security professionals to perform in-depth security assessments with ease.

Features

Enumeration

Information Gathering

  • Azure AD Interaction and Assessment

Lateral Movement

  • Azure Object Graphing

  • Privilege Entity Discovery

  • Vulnerability Scanning

Privilege Escalation

  • Privilege Escalation Tools
    • AzureADLateralMovement: GitHub

Exploitation

  • Script-Based Exploitation

  • Exploitation via Teams

    • Microsoft-Teams-GIFShell: GitHub

Credential Attacks

  • Password Spraying

  • MFA and Credential Dumping

AWS Tools

Enumeration

Information Gathering

Lateral Movement

Privilege Escalation

Exploitation

Credential Attacks

Installation

  1. Clone the repository: git clone https://github.com/yourusername/cloudsecpen.git cd cloudsecpen

  2. Install dependencies: python3 dependencies.py

Usage

  1. Run the script: python3 main.py

  2. Follow the menu prompts to select the desired cloud environment (Azure or AWS) and the specific tool or action you want to perform.

Dependencies

The project includes dependencies for various tools used in the enumeration, information gathering, lateral movement, privilege escalation, exploitation, and credential attacks. Ensure you have git, pip, and go installed for managing dependencies.

Contributing

Contributions are welcome! Please open an issue or submit a pull request for any improvements or bug fixes.

License

This project is licensed under the MIT License. See the LICENSE file for details.

Author: Luka Bayer
Version: 1.0/Beta
Date: 06/2024

cloudsecpen's People

Contributors

byrlk avatar

Watchers

 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.