New (set of) Instance Metadata Hunter(s)
Intuitively. Will only run on a --pod scan
We already have a small implementation of using azure metadata api to discover more subnets. this hunters should replace this implementation as well
Add a Passive + Active Hunter that will scan Instance Metadata Services for each cloud provider.
What would you like to be added
New (set of) Instance Metadata Hunter(s) Intuitively. Will only run on a
--pod
scan We already have a small implementation of using azure metadata api to discover more subnets. this hunters should replace this implementation as well Add a Passive + Active Hunter that will scan Instance Metadata Services for each cloud provider.Research on:
Other clouds:
Cool cheat sheet by @jhaddix: https://gist.github.com/jhaddix/78cece26c91c6263653f31ba453e273b
Mission:
Find cool ways to do most damage with minimum permissions