CloudPEASS is a suite of tools designed to help users identify potential privilege escalation paths and other security vulnerabilities in cloud environments, specifically Azure, GCP, and AWS.
The suite is currently in development and leverages techniques documented in HackTricks Cloud, along with insights from HackTricks AI, to analyze permissions and highlight potential attacks.
bash# Example usage
export AZURE_ARM_TOKEN=$(az account get-access-token --resource-type arm | jq -r .accessToken)
export AZURE_GRAPH_TOKEN=$(az account get-access-token --resource-type ms-graph | jq -r .accessToken)
python3 AzurePEASS.py [--arm-token <AZURE_MANAGEMENT_TOKEN>] [--graph-token <AZURE_GRAPH_TOKEN>]
gcloud auth print-access-token
.bash# Example usage
export CLOUDSDK_AUTH_ACCESS_TOKEN=$(gcloud auth print-access-token)
python3 GCPPEASS.py [--token <TOKEN>]
--not-use-hacktricks-ai
flag.CloudPEASS is a powerful toolset for cloud security auditing, helping users identify and mitigate potential security risks in their cloud environments.
Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…
The touch command is one of the quickest ways to create new empty files or update timestamps…
Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…
Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…
Creating directories is one of the earliest skills you'll use on a Linux system. The mkdir (make…