Add VPC / VPC peering information to output - Githubissues

BishopFox / cloudfox

Automating situational awareness for cloud penetration tests.

https://bishopfox.com/blog/introducing-cloudfox

MIT License

1.89k stars 180 forks source link

Add VPC / VPC peering information to output #57

Open Techbrunch opened 11 months ago

Techbrunch commented 11 months ago

As a pentester I want to be able to have an overview of VPC and VPC peering so that I can quickly assess the attack surface.

Overview

In my current audit the targets are in a VPC but this VPC has some peering with other VPCs.

I want to be able to quickly see the other VPC linked to the VPC I'm auditing.

The following information would be useful for VPC:

Name
VPC ID
State
IPv4 CIDR
IPv6 CIDR
Owner ID
Region
Number of instances

The following information would be useful for VPC peering:

VPC id requester and accepter
VPC name requester and accepter
region requester and accepter
Requester CIDRs
Accepter CIDRs
Requester owner ID
Requester owner ID
Peering connection id
Status

tragulum commented 8 months ago

@Techbrunch Here's a script I use for this. I uploaded to a Gist in case you want to use it until this functionality gets added to CF. https://gist.github.com/tragulum/2c9ba8e7ea8ca3a0c00da37fdc80423d