Cloud Security Audit

Audit cloud infrastructure by discovering assets, probing for misconfigurations, testing cloud-specific attacks, and checking CVEs.

Cloud infrastructure introduces unique security challenges that traditional security tools often miss. Misconfigured storage buckets, exposed metadata services, overly permissive IAM roles, and serverless function vulnerabilities require specialized testing approaches that understand cloud-native architectures.

This workflow audits cloud security by discovering all cloud-hosted assets through DNS enumeration, probing endpoints for common cloud misconfigurations, testing for cloud-specific attacks like SSRF to metadata services, and checking for known vulnerabilities in cloud services. It covers AWS, GCP, and Azure environments with focus areas applicable across all major cloud providers.

Steps

1. Discover Cloud Assets

DNS Domain

Enumerate DNS records to discover cloud-hosted assets including storage buckets, CDN endpoints, and serverless functions.

Input: Domain to enumerate for cloud asset discovery.
Output: DNS records pointing to cloud services with provider identification (AWS, GCP, Azure).

2. Probe Cloud Endpoints

Security HTTPx

Probe discovered cloud endpoints for misconfigurations, exposed services, and insecure default settings.

Input: Cloud endpoints and service URLs to probe.
Output: Cloud service configurations, exposed endpoints, and detected misconfigurations.

3. Test Cloud-Specific Vulnerabilities

Pentest

Test for cloud-specific vulnerabilities including SSRF to metadata services, misconfigured IAM, and exposed cloud APIs.

Input: Cloud application endpoints to test for SSRF and cloud-specific attacks.
Output: Cloud-specific vulnerability findings including metadata access, SSRF results, and IAM issues.

4. Check Cloud Service CVEs

Vulnerability Database

Search for known vulnerabilities in the cloud services and platforms identified in your infrastructure.

Input: Cloud service names and versions to check for known vulnerabilities.
Output: CVEs affecting your cloud services with severity ratings and remediation guidance.
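
The provider identification that step 1 lists as its output can be sketched as below. This is an added example, not code from this page or from the tools it names: it classifies CNAME targets by provider-owned DNS suffix and marks names missing from an asset inventory. The suffix list is a non-exhaustive assumption, the function names are hypothetical, and the zone lines and inventory are constructed sample data.

```python
import re

# Provider-owned DNS suffixes (assumed, non-exhaustive; extend for your estate).
RULES = [(p, s, re.compile(rx)) for p, s, rx in [
    ("AWS", "S3", r"(^|\.)s3([.-][a-z0-9-]+)*\.amazonaws\.com$"),
    ("AWS", "CloudFront", r"\.cloudfront\.net$"),
    ("AWS", "Elastic Load Balancing", r"\.elb\.amazonaws\.com$"),
    ("AWS", "API Gateway", r"\.execute-api\.[a-z0-9-]+\.amazonaws\.com$"),
    ("GCP", "Cloud Storage", r"(^|\.)storage\.googleapis\.com$"),
    ("GCP", "Cloud Functions", r"\.cloudfunctions\.net$"),
    ("GCP", "Cloud Run", r"\.run\.app$"),
    ("Azure", "Blob Storage", r"\.blob\.core\.windows\.net$"),
    ("Azure", "App Service / Functions", r"\.azurewebsites\.net$"),
    ("Azure", "CDN", r"\.azureedge\.net$"),
]]

def classify(target):
    """Return (provider, service) for a CNAME target, or None if not recognised."""
    host = target.rstrip(".").lower()
    for provider, service, rx in RULES:
        if rx.search(host):
            return provider, service
    return None

def audit_cnames(zone_text, inventory):
    """Classify CNAME records in zone-file text; flag names absent from inventory."""
    findings = []
    for line in zone_text.splitlines():
        fields = line.split()  # name TTL class type target
        if len(fields) < 5 or fields[3].upper() != "CNAME":
            continue
        name = fields[0].rstrip(".").lower()
        hit = classify(fields[4])
        if hit:
            findings.append({"name": name, "provider": hit[0],
                             "service": hit[1], "tracked": name in inventory})
    return findings

# Constructed sample data: zone export and the inventory it is checked against.
SAMPLE_ZONE = """\
assets.example.com. 300 IN CNAME acme-assets.s3.eu-west-1.amazonaws.com.
cdn.example.com. 300 IN CNAME d111111abcdef8.cloudfront.net.
api.example.com. 300 IN CNAME acme-api-x7k2.a.run.app.
legacy.example.com. 300 IN CNAME acme-old.azurewebsites.net.
www.example.com. 300 IN CNAME web01.example.net.
"""
INVENTORY = {"assets.example.com", "cdn.example.com", "api.example.com"}

if __name__ == "__main__":
    for f in audit_cnames(SAMPLE_ZONE, INVENTORY):
        print(f)
```

Records with `tracked` set to false are the shadow assets to reconcile with the inventory before the probing step.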

Benefits

  • Discover shadow cloud assets not tracked in asset inventories
  • Detect common cloud misconfigurations like exposed storage buckets
  • Test for cloud-specific attacks including SSRF to metadata services
  • Check cloud services against known CVE databases
  • Coverage across AWS, GCP, and Azure environments

Related Use Cases

Probe Security Headers

Check HTTP security headers across your web properties to identify missing protections like CSP, HSTS, and X-Frame-Options.

Security HTTPx
4 agent guides

Discover Hidden Services

Find hidden or forgotten web services running on your infrastructure that may be exposed without your knowledge.

Security HTTPx
4 agent guides

Look Up DNS Records

Query DNS records for any domain to inspect A, AAAA, MX, CNAME, TXT, and NS configurations.

DNS Domain
4 agent guides

Test API Security

Assess the security of REST APIs by testing authentication, authorization, input validation, and injection resistance.

Pentest
4 agent guides

Research Vulnerabilities by Software

Search for known vulnerabilities affecting specific software products, libraries, or frameworks in your stack.

Vulnerability Database
4 agent guides

Check CVE Details

Look up detailed information about specific CVEs including severity, affected versions, exploit availability, and patches.

Vulnerability Database
4 agent guides