CloudPEASS is a suite of tools designed to help users identify potential privilege escalation paths and other security vulnerabilities in cloud environments, specifically Azure, GCP, and AWS.
The suite is currently in development and leverages techniques documented in HackTricks Cloud, along with insights from HackTricks AI, to analyze permissions and highlight potential attacks.
bash# Example usage
export AZURE_ARM_TOKEN=$(az account get-access-token --resource-type arm | jq -r .accessToken)
export AZURE_GRAPH_TOKEN=$(az account get-access-token --resource-type ms-graph | jq -r .accessToken)
python3 AzurePEASS.py [--arm-token <AZURE_MANAGEMENT_TOKEN>] [--graph-token <AZURE_GRAPH_TOKEN>] gcloud auth print-access-token.bash# Example usage
export CLOUDSDK_AUTH_ACCESS_TOKEN=$(gcloud auth print-access-token)
python3 GCPPEASS.py [--token <TOKEN>] --not-use-hacktricks-ai flag.CloudPEASS is a powerful toolset for cloud security auditing, helping users identify and mitigate potential security risks in their cloud environments.
Nginx server blocks let you run more than one website on a single server. Each block…
Tor Browser is a modified version of Firefox that routes all your web traffic through the Tor…
Vagrant is a command-line tool that makes it easy to build and manage virtual machine environments.…
VMware Tools is a set of drivers and services that improves the performance of an Ubuntu…
Java developers use project management tools to automate building their applications. Apache Maven is an open source…
Running programs built for Microsoft's framework on a Linux system is easier than you think. Mono is…