{"id":13684432,"url":"https://github.com/RedTeamOperations/RedCloud-OS","last_synced_at":"2025-04-30T21:30:35.175Z","repository":{"id":179479949,"uuid":"662571778","full_name":"RedTeamOperations/RedCloud-OS","owner":"RedTeamOperations","description":"RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)","archived":false,"fork":false,"pushed_at":"2024-06-04T17:05:15.000Z","size":4173,"stargazers_count":579,"open_issues_count":1,"forks_count":80,"subscribers_count":10,"default_branch":"main","last_synced_at":"2024-11-12T05:37:24.343Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RedTeamOperations.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-07-05T12:22:49.000Z","updated_at":"2024-11-10T22:38:16.000Z","dependencies_parsed_at":null,"dependency_job_id":"fe06e5e5-f039-48d4-95f9-757f1f0d834f","html_url":"https://github.com/RedTeamOperations/RedCloud-OS","commit_stats":null,"previous_names":["redteamoperations/redcloud-os"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedTeamOperations%2FRedCloud-OS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedTeamOperations%2FRedCloud-OS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RedTeamOperations%2FRedCloud-OS/releases","manifests_url":"https://repos.ecosyste.ms
/api/v1/hosts/GitHub/repositories/RedTeamOperations%2FRedCloud-OS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RedTeamOperations","download_url":"https://codeload.github.com/RedTeamOperations/RedCloud-OS/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251785329,"owners_count":21643455,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T14:00:33.476Z","updated_at":"2025-04-30T21:30:34.311Z","avatar_url":"https://github.com/RedTeamOperations.png","language":"Shell","funding_links":[],"categories":["文章","0x02 工具 :hammer_and_wrench:"],"sub_categories":["1 云服务工具"],"readme":"# RedCloud OS\n\n![Logo](https://github.com/RedTeamOperations/RedCloud-OS/blob/main/Logo.png)\n\n## Intro\n\n**RedCloud OS** is a [Debian](https://www.debian.org/) based Cloud Adversary Simulation Operating System for Red Teams to assess the security of leading Cloud Service Providers (CSPs). It includes tools optimized for adversary simulation tasks within [Amazon Web Services (AWS)](https://aws.amazon.com/), [Microsoft Azure](https://azure.microsoft.com/en-us), and [Google Cloud Platform (GCP)](https://cloud.google.com/).\n\n### Credentials\n**Username** --\u003e cwl\n\n\n**Password** --\u003e redcloud\n\n### Specs\n**Platform** --\u003e VMware Workstation [VMware player can also work, although we have not tested yet]\n\n\n**RAM** --\u003e 8GB+ recommended; 4GB Minimum\n\n\n**No. 
of cores** --\u003e 4+ Cores recommended; 2 Minimum\n\n**Getting Started with Cloud Red Team PDF** --\u003e [Getting Started with Cloud Red Team PDF](https://github.com/RedTeamOperations/RedCloud-OS/blob/main/build-scripts/Getting%20Started%20with%20Cloud%20Red%20Team.pdf)\n\n## Available Tools\n\n### AWS\n- [AWSCLI](https://github.com/aws/aws-cli/tree/v2)\n- [AWS Consoler](https://github.com/NetSPI/aws_consoler)\n- [AWS Escalate](https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/aws_escalate.py)\n- [CloudCopy](https://github.com/Static-Flow/CloudCopy)\n- [CloudJack](https://github.com/prevade/cloudjack)\n- [CloudMapper](https://github.com/duo-labs/cloudmapper)\n- [CredKing](https://github.com/ustayready/CredKing)\n- [Endgame](https://github.com/hoodoer/endgame)\n- [Pacu](https://github.com/RhinoSecurityLabs/pacu)\n- [Redboto](https://github.com/ihamburglar/Redboto)\n- [weirdAAL](https://github.com/carnal0wnage/weirdAAL)\n\n### Azure\n- [AADCookieSpoof](https://github.com/jsa2/aadcookiespoof)\n- [AADInternals](https://github.com/Gerenios/AADInternals)\n- [AZ CLI](https://github.com/Azure/azure-cli)\n- [AzureAD](https://github.com/Azure/azure-docs-powershell-azuread)\n- [AzureHound](https://github.com/BloodHoundAD/AzureHound)\n- [BloodHound](https://github.com/BloodHoundAD/BloodHound)\n- [DCToolbox](https://github.com/DanielChronlund/DCToolbox)\n- [MFASweep](https://github.com/dafthack/MFASweep)\n- [MicroBurst](https://github.com/NetSPI/MicroBurst)\n- [Microsoft365 devicePhish ](https://github.com/optiv/Microsoft365_devicePhish)\n- [MS Graph](https://github.com/microsoftgraph/msgraph-sdk-powershell)\n- [PowerUpSQL](https://github.com/NetSPI/PowerUpSQL)\n- [ROADtools](https://github.com/dirkjanm/ROADtools)\n- [TeamFiltration](https://github.com/Flangvik/TeamFiltration)\n- [TokenTactics](https://github.com/rvrsh3ll/TokenTactics)\n\n### GCP\n- [Gcloud CLI](https://cloud.google.com/sdk/gcloud/)\n- 
[GCPBucketBrute](https://github.com/RhinoSecurityLabs/GCPBucketBrute)\n- [GCP Delegation](https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_misc)\n- [GCP Enum](https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_enum)\n- [GCP Firewall Enum](https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_firewall_enum)\n- [GCP IAM Collector](https://github.com/marcin-kolda/gcp-iam-collector)\n- [GCP IAM Privilege Escalation](https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation)\n- [GCPTokenReuse](https://github.com/RedTeamOperations/GCPTokenReuse)\n- [GoogleWorkspaceDirectoryDump](https://github.com/RedTeamOperations/GoogleWorkspaceDirectoryDump)\n- [Hayat](https://github.com/DenizParlak/hayat)\n\n\n### Multi Cloud\n- [Cartography](https://github.com/lyft/cartography)\n- [CCAT](https://github.com/RhinoSecurityLabs/ccat)\n- [CloudBrute](https://github.com/0xsha/CloudBrute)\n- [CloudEnum](https://github.com/initstring/cloud_enum/)\n- [Cloud Service Enum](https://github.com/NotSoSecure/cloud-service-enum)\n- [Evilginx2](https://github.com/kgretzky/evilginx2)\n- [Gitleaks](https://github.com/gitleaks/gitleaks)\n- [Impacket](https://github.com/fortra/impacket)\n- [Leonidas](https://github.com/WithSecureLabs/leonidas)\n- [Modlishka](https://github.com/drk1wi/Modlishka)\n- [Mose](https://github.com/master-of-servers/mose)\n- [PurplePanda](https://github.com/carlospolop/PurplePanda)\n- [Responder](https://github.com/lgandx/Responder)\n- [ScoutSuite](https://github.com/nccgroup/ScoutSuite)\n- [SkyArk](https://github.com/cyberark/SkyArk)\n- [Zphisher](https://github.com/htr-tech/zphisher)\n\n## Getting Started\n\n### Download\n- Step 1 --\u003e Download the 7z archive from **_[here](https://linktr.ee/redcloudos)_**\n- Step 2 --\u003e Unzip the archive\n- Step 3 --\u003e Open **VMware Workstation** \u003e **File** \u003e **Open (Ctrl +  O)** \u003e Browse to extracted 
folder and select **RedCloud OS.ovf**\n- Step 4 --\u003e Click **Import**\n\n### Usage\n\nThe OS setup is simple and tools are divided by the CSPs. Inside each CSP, there are three sub-categories, i.e., **Enumeration**, **Exploitation**, and **Post Exploitation**. For multitasking and ease-of-use, **Terminator** is set as the default terminal.\n\nEach tool can be launched in 4 different ways, as follows:\n1. By clicking their menu launchers\n2. Directly executing the `startup.sh` script in the respective `/opt/` folder\n3. Executing the startup script in `/usr/local/bin`\n4. Using TAB autocomplete to search for the binary by tool name\n\n\n**Note:** PowerShell tools start with capital letters and all others start with small letters. In case of any confusion, feel free to check out `/usr/local/bin`.\n\nThat being said, some launchers, like **Impacket** and **Redboto**, only list the scripts and folder path because these tools ship a large number of scripts. In the next release, we'll be including proper launchers for these as well as for any similar tool.\n\n#### Environmental Variables Setup\n\nWe have provided some examples of environmental variables required for certain tools to work. These variables, however, are not exhaustive, and more may be needed on a case-by-case basis.\n\n##### AWS\n```bash\nexport AWS_ACCESS_KEY_ID=\u003caccess_key_id\u003e\nexport AWS_SECRET_ACCESS_KEY=\u003caccess_key\u003e\nexport AWS_DEFAULT_REGION=\u003cregion\u003e\n```\n##### Azure\n```bash\nexport AZURE_CLIENT_ID=\u003capp-id\u003e\nexport AZURE_TENANT_ID=\u003ctenant-id\u003e\nexport AZURE_CLIENT_SECRET=\u003capp-secret\u003e\n```\n##### GCP\n```bash\nexport GOOGLE_APPLICATION_CREDENTIALS=\u003cService Account Json File Path\u003e\n```\n\n#### Aliases\n\nDuring the development procedure, a few aliases were used for the sake of convenience. 
These aliases are still in the user account and can be used.\n```bash\nalias c='clear'\nalias a='nano ~/.bash_aliases'\nalias s='source ~/.bash_aliases'\nalias v='python3 -m venv venv \u0026\u0026 source venv/bin/activate'\nalias d='deactivate'\nalias p='pip3 install -r requirements.txt'\nalias ll='ls -la'\n```\n\n## Building from scratch\n\n1. Download the base OS, i.e., [Parrot OS Architect Edition 5.3](https://parrotsec.org/download/?version=architect), and proceed with the installation in VMware/VirtualBox.\n2. During VM installation, when prompted to choose components, select only Mate Desktop Environment and proceed.\n3. Once installation is finished, launch the VM and clone this repo using `git clone https://github.com/RedTeamOperations/RedCloud-OS.git`\n4. Navigate to the `build-scripts` folder and make the scripts executable.\n5. First execute [uninstall.sh](https://github.com/RedTeamOperations/RedCloud-OS/blob/main/build-scripts/uninstall.sh) and wait for the script to finish.\n6. (_Optional_) Then execute [hold.sh](https://github.com/RedTeamOperations/RedCloud-OS/blob/main/build-scripts/hold.sh) and wait for the script to finish.\n7. Finally execute [install.sh](https://github.com/RedTeamOperations/RedCloud-OS/blob/main/build-scripts/install.sh) and wait for the script to finish.\n8. (_Optional_) Use `Menu Editor` to create application launchers.\n9. (_Optional_) Use `Dconf-Editor` to customize icons.\n10. (_Optional_) Use `Grub Customizer` to modify Grub settings.\n\n## Learning Materials\n\n1. **AWS**: [AWS Cloud Red Team Specialist [CARTS]](https://cyberwarfare.live/product/aws-cloud-red-team-specialist-carts/)\n2. **GCP**: [Google Cloud Red Team Specialist [CGRTS]](https://cyberwarfare.live/product/google-cloud-red-team-specialist-cgrts/)\n3. 
**Multi-Cloud**:\n    - [Multi-Cloud Red Team Analyst [MCRTA]](https://cyberwarfare.live/product/multi-cloud-red-team-analyst-mcrta/)\n    - [Hybrid Multi-Cloud Red Team Specialist [CHMRTS]](https://cyberwarfare.live/product/hybrid-multi-cloud-red-team-specialist-chmrts/)\n\n## Future Roadmap\n- [ ] [**Under Development**] Support for Apple Silicon Architecture\n\n## Feedback\n\nRedCloud OS is under ongoing development, and your feedback and suggestions will help us enhance it further. Feel free to either create an [**Issue**](https://github.com/RedTeamOperations/RedCloud-OS/issues) or email us at **info@cyberwarfare.live** with the subject \"**RedCloud OS**\".\n\n## Acknowledgements\n\n- [Parrot Security](https://www.parrotsec.org/) for providing the Base OS\n- Creators/Developers/Contributors/Maintainers of all Open Source Components used within RedCloud OS\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FRedTeamOperations%2FRedCloud-OS","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FRedTeamOperations%2FRedCloud-OS","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FRedTeamOperations%2FRedCloud-OS/lists"}