306 tools indexed

cloud_enum

MIT

☁️ Cloud Recon · Python

cloud_enum is a multi-cloud OSINT tool that enumerates public resources in Amazon Web Services, Microsoft Azure, and Google Cloud Platform. Given a set of keywords, it discovers publicly accessible storage buckets (S3, Azure Blobs, GCP Buckets), web applications (Azure App Services, AWS Elastic Beanstalk), databases, and other resources that may be inadvertently exposed. It uses brute-force enumeration with configurable wordlists and mutation rules to generate permutations of target keywords, then checks each cloud provider for matching resources. This is particularly effective during the reconnaissance phase of penetration tests or bug bounty hunting, where misconfigured cloud storage is a common finding.

2.1kstars

294forks

3issues

Updated 8mo ago

Installation

pip

$ pip install cloud_enum

from source

$ git clone https://github.com/initstring/cloud_enum.git && cd cloud_enum && pip install -r requirements.txt

Use Cases

Discovering exposed S3 buckets, Azure Blobs, and GCP Buckets from target keywords
Enumerating cloud-hosted web applications and services during recon
Finding misconfigured public cloud resources in bug bounty programs
Running keyword-based cloud asset discovery as part of external attack surface mapping

Tags

cloud-osints3azure-blobsgcp-bucketsenumerationmulti-cloudosintpenetration-testing

Details

Category: ☁️ Cloud Recon
Language: Python
Repository: initstring/cloud_enum
License: MIT
Platforms: 🐧linux🍎macos🪟windows

Links

GitHub Repository

github.com/initstring/cloud_enum

Releases

github.com/initstring/cloud_enum/releases

Issues

github.com/initstring/cloud_enum/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Alternatives & Comparisons

Prowler

Cloud security assessment tool. 300+ checks for AWS, Azure, GCP, and Kubernetes against CIS benchmarks.

Compare cloud_enum vs Prowler

ScoutSuite

Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud.

Compare cloud_enum vs ScoutSuite

CloudMapper

Analyze AWS environments to create network diagrams and identify security risks.

Compare cloud_enum vs CloudMapper

CloudBrute

Cloud infrastructure enumerator to find company assets across multiple cloud providers.

Compare cloud_enum vs CloudBrute

CloudFox

Find exploitable attack paths in cloud infrastructure by enumerating IAM permissions, secrets, and network exposure.

Compare cloud_enum vs CloudFox

CloudSploit

Open-source cloud security configuration scanner for AWS, Azure, GCP, and Oracle Cloud Infrastructure.

Compare cloud_enum vs CloudSploit

Cartography

Intel graph of cloud infrastructure. Maps relationships between AWS, GCP, Azure, and other services into a Neo4j graph.

Compare cloud_enum vs Cartography

Steampipe

Query cloud APIs with SQL. Zero-ETL approach to infrastructure visibility across AWS, Azure, GCP, and 140+ plugins.

Compare cloud_enum vs Steampipe

CloudFlair

Find origin servers behind Cloudflare. Uses Censys to discover the real IP address of Cloudflare-protected websites.

Compare cloud_enum vs CloudFlair

WeirdAAL

AWS Attack Library. Enumerate, exploit, and backdoor AWS services with organized modules for cloud penetration testing.

Compare cloud_enum vs WeirdAAL

More in Cloud Recon

ScoutSuite

Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud.

CloudMapper

Analyze AWS environments to create network diagrams and identify security risks.

awsnetwork-diagramvisualization

S3Scanner

Scan for misconfigured S3 buckets across AWS regions and dump accessible contents.

CloudBrute

Cloud infrastructure enumerator to find company assets across multiple cloud providers.

cloudenumerationassets

MicroBurst

PowerShell toolkit for attacking Azure services including storage, key vaults, and automation.

azurepowershellstorage

ROADtools

Framework for Azure AD enumeration and exploitation via the internal ROADrecon and ROADlib modules.

azure-adenumerationactive-directory