Cloudfox Versions Save

Automating situational awareness for cloud penetration tests.

v1.8.1

1 year ago

New commands:

  • AWS/lambdas - Lists the lambda functions in the account, including which one's have admin roles attached. Also gives you handy commands for downloading each function.
  • AWS/cloudformation - Lists the cloudformation stacks in the account. Generates loot file with stack details, stack parameters, and stack output - look for secrets.
  • AWS/ram - List all resources in this account that are shared with other accounts, or resources from other accounts that are shared with this account. Useful for cross-account attack paths.
  • AWS/tags - List all resources with tags, and all of the tags. This can be used similar to inventory as another method to identify what types of resources exist in an account.

Updated commands:

  • AWS/instances - Now checks all roles attached to instances to see if the role has administrative permissions

Other:

  • AWS - New multi profile support with an -all-profiles option --profiles-list option - new in 1.7.2 (Thanks @dbravo-bishopfox)
  • AWS - New services added to inventory - new in 1.7.1 (Thanks @wdahlenburg)
  • AWS - Added profile name to module output to help when using the new multi profile support

Commits

  • 7c8afb6: added cloudformation command (sethsec-bf) #15
  • 5525266: Merge remote-tracking branch 'origin/main' into seth-dev (sethsec-bf) #15
  • 71e85c2: merged pr #8 into this branch and added the new for loop logic to cloudformation command (sethsec-bf) #15
  • 9498d2d: first draft of a tags command (sethsec-bf) #15
  • 45e548c: cleaned up tags command a bit (sethsec-bf) #15
  • 7d8ebc2: first draft of lambda commandd (sethsec-bf) #15
  • 8ce9a00: fixed bug in outbound-assumed-roles - missing add to wg counter (sethsec-bf) #15
  • 40d7a3c: added loot to lambda command, added unique resource total for tags command, bumped version to 1.8.0 (sethsec-bf) #15
  • dadef38: updated lambda to include isAdmin check, fixed some bugs wtih all profiles, updated logrus so it could support one method calling another (sethsec-bf) #15
  • 2e82cc8: updated readme (sethsec-bf) #15
  • 2656257: Update README.md (Seth Art) #15
  • ffa8e09: added profile name to stdout messages (sethsec-bf) #15
  • 5183b32: fixed panic when file with list of profiles is not present (sethsec-bf) #15
  • 6ace000: fixed panic in all profiles mode when either credentials or config do not exist. (sethsec-bf) #15
  • f672c34: updated lambda admin lookup map to that we can check local map to see if we know if the role is an admin already (sethsec-bf) #15
  • 3e07186: got admin check working on instances (sethsec-bf) #15
  • 064f285: cleaned up instances table (sethsec-bf) #15
  • eb95e88: finally got ram command working (sethsec-bf) #15
  • d20b2b1: remove debug test (sethsec-bf) #15
  • 9fc38f5: alphabetize module names and client order (sethsec-bf) #15
  • 775c233: updated cloudfox permissions policy (sethsec-bf) #15
  • 8850384: pre 1..8.0 release cleanup (sethsec-bf) #15
  • ca7df5a: update image in readme (sethsec-bf) #15
  • 1c243c7: Update README.md (Seth Art) #15
  • ecdd33c: removed public col from lambda -- not ready yet (sethsec-bf) #15
  • c3dac71: updated version to 1.8.0 in main.go (sethsec-bf) #15
  • 79eb720: updated readme (sethsec-bf) #15
  • 118ed62: fixed bug in lambda loot where it was missing a parameter (sethsec-bf)

v1.7.2

1 year ago

Commits

  • 18f6cbe: saving work (David) #8
  • 065e04a: everything working (David) #8
  • e15c717: attempt 2 merge master (David) #8
  • b336538: update go.mod (David) #8
  • abe6f3d: merge main (David) #8
  • 3db423b: minor changes (David) #8
  • 7c323f4: fix removed packages (David) #8
  • 1a5f64e: update readme (David) #8
  • 712ec9c: Added a check to confirm all profiles, but also added a way to override the confirmation so that it can be run non-interactively even in this mode (sethsec-bf) #8
  • 8bfee76: Added error handling to multi profile mode for when a profile errors out. It would crash prorgram, but now it just skips the profile (sethsec-bf) #8
  • 00317a5: Added profiles that are only in .aws/config to GetAllAWSProfiles(). Added check to avoid duplicates (sethsec-bf) #8
  • bb879c3: removed prerun-check from aws cobra command (sethsec-bf) #8
  • cc38c1f: updated error message to include profile (sethsec-bf) #8
  • 467f6b4: fixed missing part of all-checks/inventory (sethsec-bf) #8
  • ee7c3c0: tried to use mock filesystem for tests, but still not working. TODO (sethsec-bf) #8
  • 6123172: small bugfix from env-vars command (motikan2010) #14
  • 4d4992d: update version for the 1.7.2 bug fix release (Seth Art)

v1.7.1

1 year ago

Summary

  • Added DynamoDB, Glue, SNS, and SQS to Inventory (thanks @wdahlenburg) (PR #4)
  • Added user-configurable concurrency limit (-g INT) (PR #6)
  • Fixed bug in file path that affected use on windows without a named profile (thanks the PR @rpunnett-bf) (PR #7)
  • Thanks @xntrick for catching a bug introduced between v1.7.0 and this v1.7.1 (PR #5)

Commits

  • a8d086b: Merge branch 'carlos-dev', remote-tracking branch 'origin' into seth-dev (sethsec-bf) #6
  • fe96654: Adding Glue, SNS, and SQS (Wyatt Dahlenburg) #4
  • bc72d93: Adding DynamoDB to inventory (Wyatt Dahlenburg) #4
  • 8dd7fba: updated output test (sethsec-bf) #6
  • 9a7ecc5: enabled ram (sethsec-bf) #6
  • a342c4d: Fixed NextToken bug in getGlueDevEndpointsPerRegion (sethsec-bf) #4
  • a63c62d: added new permissions to cloudfox-policy.json (sethsec-bf) #4
  • 79dbe13: using aws.ToString to avoid a potential nil pointer refernce bug if aws ever changes this API (sethsec-bf) #4
  • cd3a4be: Merge remote-tracking branch 'origin' into seth-dev (sethsec-bf) #6
  • 91ad816: Update to cloudfox-policy.json Sid (Christian Frichot) #5
  • 95d1fbc: Added concurrency to secrets. Added concurrency flag to all aws commands, only some of them use it so far though (sethsec-bf) #6
  • b3531fa: Merge remote-tracking branch 'origin' into seth-dev (sethsec-bf) #6
  • 351a9cc: Added concurrency limit to rest of modules that use conncurency. fixed bug with env-vars not getting the new goroutines number from cli (sethsec-bf) #6
  • 6aee478: disabled ram, fixed but added to ecr that messed up the concurrency counters (sethsec-bf) #6
  • 89c6c0d: disabled ram, fixed but added to ecr that messed up the concurrency counters (sethsec-bf) #6
  • e35aa61: tidy'd up and formated (sethsec-bf) #6
  • dfe2fc1: bumped version to 1.7.1 (sethsec-bf) #6
  • 58b9c73: Minor bug fixes and cleanups (unknown) #7
  • 26dbb56: Fixed some extra spaces (unknown) #7
  • 59b082a: renamed variables to be golang idiomatic, added comment to instances to document the reason for the improvement (sethsec-bf) #7
  • 7cafe1f: ported over the loot filepath change from buckets to all other commands (sethsec-bf) #7

v1.7.0

1 year ago

Commits

  • 664569b: Update README.md (carlosvendramini-bf)
  • 31d8c8e: Update README.md (carlosvendramini-bf)
  • d3ac589: Updated Readme (sethsec-bf)
  • fb85cb8: Updated Readme (sethsec-bf)
  • bf2e5aa: Updated Readme (sethsec-bf)
  • ea85207: Update README.md (Seth Art)
  • a9f2c5c: added newest output strategy to az instances v1 (carlosvendramini-bf)
  • f7c0e91: Update README.md (carlosvendramini-bf)
  • ee89a2d: Update README.md (carlosvendramini-bf)
  • 95b2371: Update README.md (Seth Art)
  • 8859c62: Update README.md (Seth Art)
  • a5f6317: added newest output strategy to az rbac v1 and phased out old output strategy completely (carlosvendramini-bf)
  • 8b83d5b: Merge remote-tracking branch 'origin/seth-dev' into carlos-dev (carlosvendramini-bf)
  • 752833f: Update README.md (carlosvendramini-bf)
  • b18d1a2: Merge remote-tracking branch 'origin/carlos-dev' (cvendramini2)
  • 0e2a033: 1.7.0 release (cvendramini2)

v1.6.0

1 year ago