clovery

Cloud Discovery - brute force public AWS, GCP, Alibaba, and Azure cloud services.

Info

Cloud providers will rate limit you if usage too frequent/heavy or wordlist too big (no output)
403 errors aid in further discovery - consider mutating wordlist

Installation

go get github.com/mlcsec/clovery

Help

$ clovery -h
Usage:
  cat wordlist.txt | clovery -aws
  cat wordlist.txt | clovery -ali -ali-reg <region>

Options:
  -ali            alibaba OSS (-ali-reg required)
  -ali-reg
                  Regions: (-ali option only)
    	          =====================================
                  oss-cn-hangzhou       oss-cn-shanghai
                  oss-cn-qingdao        oss-cn-beijing
                  oss-cn-zhangjiakou    oss-cn-huhehaote
                  oss-cn-shenzhen       oss-cn-chengdu
                  oss-cn-hongkong       oss-us-west-1
                  oss-us-east-1         oss-ap-southeast-1
                  oss-ap-southeast-2    oss-ap-southeast-3
                  oss-ap-southeast-5    oss-ap-northeast-1
                  oss-ap-south-1        oss-eu-central-1
                  oss-eu-west-1         oss-me-east-1
        
  -aws            aws s3 buckets
  -azb            azure blob storage
  -azd            azure databases 
  -azv            azure virtual machines (-azv-reg required)
  -azu-reg
                  Regions: (-azv option only)
    	          =====================================
                  australiacentral      australiacentral2
                  australiaeast         australiasoutheast
                  brazilsouth           canadacentral
                  canadaeast            centralindia
                  centralus             eastasia
                  eastus                eastus2
                  francecentral         francesouth
                  japaneast             japanwest
                  koreacentral          koreasouth
                  northcentralus        northeurope
                  southafricanorth      southafricawest
                  southcentralus        southeastasia
                  southindia            uksouth
                  ukwest                westcentralus
                  westeurope            westindia
                  westus                westus2                    
        
  -azw            azure websites
  -c              concurrency level (default 20)
  -fe             show 403 forbidden errors
  -gcp            gcp storage
  -t              timeout milliseconds (default 10000)

Wordlists

createWordlists.sh uses sed to append given keyword to front & back of the supplied wordlist
Tailor any wordlist based on given keyword

Name		Name	Last commit message	Last commit date
Latest commit History 59 Commits
README.md		README.md
alibaba.go		alibaba.go
aws.go		aws.go
azureblob.go		azureblob.go
azuredb.go		azuredb.go
azurevm.go		azurevm.go
azureweb.go		azureweb.go
common.txt		common.txt
createWordlists.sh		createWordlists.sh
gcp.go		gcp.go
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

clovery

Info

Installation

Help

Wordlists

About

Releases

Packages

Languages

mlcsec/clovery

Folders and files

Latest commit

History

Repository files navigation

clovery

Info

Installation

Help

Wordlists

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages