cloud_enum vs WeirdAAL
GitHub Stats
About cloud_enum
cloud_enum is a multi-cloud OSINT tool that enumerates public resources in Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Given a set of keywords, it discovers publicly accessible storage buckets (S3, Azure Blobs, GCP Buckets), web applications (Azure App Services, AWS Elastic Beanstalk), databases, and other resources that may be inadvertently exposed. It uses brute-force enumeration with configurable wordlists and mutation rules to generate permutations of target keywords, then checks each cloud provider for matching resources. This is particularly effective during the reconnaissance phase of penetration tests or bug bounty hunting, where misconfigured cloud storage is a common finding.
About WeirdAAL
WeirdAAL (AWS Attack Library) is a Python framework for offensive testing of Amazon Web Services environments. It organizes AWS attacks into categorized modules covering enumeration (listing resources, permissions, and configurations across services), exploitation (abusing misconfigurations and excessive permissions), and persistence (creating backdoor access). WeirdAAL supports testing across a wide range of AWS services including IAM, EC2, S3, Lambda, STS, CloudTrail, and many others. Each module performs a specific action - from enumerating all S3 buckets and their ACLs, to checking for privilege escalation paths through IAM policy misconfigurations, to creating persistence mechanisms via Lambda backdoors. WeirdAAL uses boto3 and works with standard AWS credential configurations, making it easy to test with compromised or provided access keys.
Platform Support
Tags
Shared
cloud_enum only
WeirdAAL only