itsMe Posted July 12, 2021 Share Posted July 12, 2021 This is the hidden content, please Sign In or Sign Up Nebula Nebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is built with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or automation engines like Ansible, Terraform, Chef, etc. Currently covers: S3 Bucket name bruteforce IAM, EC2, S3, STS, and Lambda Enumeration IAM, EC2, STS, and S3 exploitation SSM Enumeration + Exploitation Custom HTTP User-Agent Enumerate Read Privileges (working on write privs) Reverse Shell No creds Reconnaisance There are currently 67 modules covering: Reconnaissance Enumeration Exploit Cleanup Reverse Shell Changelog v2.0 STS AssumeRoleWithWebIdentity Reconnaissance crt.sh TCP Reverse Shell (Draft) Reverse Shell check_env that checks the environment of the victim system Updated getuid that checks IAM:GetUser, IAM:ListAttachedUserPolicies and IAM:GetPolicy Now it gets the credentials from ¬/.aws This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
.webp.8407a83ac96563f75e1c428a1f0d4c3e.webp)
.webp.9a04cec050a656fab081ac190f971c3f.webp)
Hack Tools Resurrection
itsMe
dEEpEst
Recommended Posts