|
1 | 1 | # cloud_enum |
| 2 | + |
| 3 | +## Future of cloud_enum |
| 4 | + |
| 5 | +I built this tool in 2019 for a pentest involving Azure, as no other enumeration tools supported it at the time. It grew from there, and I learned a lot while adding features. |
| 6 | + |
| 7 | +Building tools is fun, but maintaining tools is hard. I haven't actively used this tool myself in a while, but I've done my best to fix bugs and review pull requests. |
| 8 | + |
| 9 | +Moving forward, it makes sense to consolidate this functionality into a well-maintained project that handles the essentials (web/dns requests, threading, I/O, logging, etc.). [Nuclei](https://github.com/projectdiscovery/nuclei) is really well suited for this. You can see my first PR to migrate cloud_enum functionality to Nuclei [here](https://github.com/projectdiscovery/nuclei-templates/pull/6865). |
| 10 | + |
| 11 | +I encourage others to contribute templates to Nuclei, allowing us to focus on detecting cloud resources while leaving the groundwork to Nuclei. |
| 12 | + |
| 13 | +I'll still try to review PRs here to address bugs as time permits, but likely won't have time for major changes. |
| 14 | + |
| 15 | +Thanks to all the great contributors. Good luck with your recon! |
| 16 | + |
| 17 | +## Overview |
| 18 | + |
2 | 19 | Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud. |
3 | 20 |
|
4 | 21 | Currently enumerates the following: |
@@ -26,16 +43,16 @@ See it in action in [Codingo](https://github.com/codingo)'s video demo [here](ht |
26 | 43 | <img src="https://initstring.keybase.pub/host/images/cloud_enum.png" align="center"/> |
27 | 44 |
|
28 | 45 |
|
29 | | -# Usage |
| 46 | +## Usage |
30 | 47 |
|
31 | | -## Setup |
| 48 | +### Setup |
32 | 49 | Several non-standard libaries are required to support threaded HTTP requests and dns lookups. You'll need to install the requirements as follows: |
33 | 50 |
|
34 | 51 | ```sh |
35 | 52 | pip3 install -r ./requirements.txt |
36 | 53 | ``` |
37 | 54 |
|
38 | | -## Running |
| 55 | +### Running |
39 | 56 | The only required argument is at least one keyword. You can use the built-in fuzzing strings, but you will get better results if you supply your own with `-m` and/or `-b`. |
40 | 57 |
|
41 | 58 | You can provide multiple keywords by specifying the `-k` argument multiple times. |
@@ -86,6 +103,6 @@ optional arguments: |
86 | 103 | -qs, --quickscan Disable all mutations and second-level scans |
87 | 104 | ``` |
88 | 105 |
|
89 | | -# Thanks |
| 106 | +## Thanks |
90 | 107 | So far, I have borrowed from: |
91 | 108 | - Some of the permutations from [GCPBucketBrute](https://github.com/RhinoSecurityLabs/GCPBucketBrute/blob/master/permutations.txt) |
0 commit comments