CloudFox vs CloudGoat
GitHub Stats
About CloudFox
CloudFox is a tool for identifying exploitable attack paths within cloud infrastructures. It enumerates IAM permissions, secrets, and network exposure to uncover potential vulnerabilities in AWS and Azure environments. Written in Go, CloudFox helps security professionals assess the security posture of cloud deployments by revealing misconfigurations and access control weaknesses. The tool is essential for cloud security audits and penetration testing.
About CloudGoat
CloudGoat is Rhino Security Labs' 'Vulnerable by Design' AWS deployment tool. It provisions intentionally misconfigured AWS environments (scenarios) using Terraform, creating realistic attack paths for practicing cloud penetration testing. Scenarios include IAM privilege escalation, Lambda function exploitation, EC2 SSRF to metadata service, S3 bucket misconfigurations, and cross-account access abuse. Each scenario has documented start and end conditions with multiple solution paths. CloudGoat provisions and destroys environments on demand in your own AWS account, providing hands-on practice with real AWS services rather than simulations.
Platform Support
Tags
Shared
CloudFox only
CloudGoat only