Cartography vs cloud_enum
GitHub Stats
About Cartography
Cartography is a Python tool developed by Lyft that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by Neo4j. It ingests data from AWS, GCP, Azure, Okta, GitHub, and other services to build a comprehensive map of your cloud environment. Security teams use Cartography to identify attack paths, find misconfigurations, and understand blast radius by querying relationships between resources like EC2 instances, S3 buckets, IAM roles, and security groups. Its graph-based approach makes it easy to ask questions like 'which instances can reach this database' or 'which IAM users have admin access across accounts' that would be extremely difficult with flat inventory tools.
About cloud_enum
cloud_enum is a multi-cloud OSINT tool that enumerates public resources in Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Given a set of keywords, it discovers publicly accessible storage buckets (S3, Azure Blobs, GCP Buckets), web applications (Azure App Services, AWS Elastic Beanstalk), databases, and other resources that may be inadvertently exposed. It uses brute-force enumeration with configurable wordlists and mutation rules to generate permutations of target keywords, then checks each cloud provider for matching resources. This is particularly effective during the reconnaissance phase of penetration tests or bug bounty hunting, where misconfigured cloud storage is a common finding.
Platform Support
Tags
Cartography only
cloud_enum only