Nebula - Cloud C2 Framework, which offers reconnaissance, enumeration, exploitation, post exploitation on AWS

Aug 3, 2021

Nebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is build with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or automation engines like Ansible, Terraform, Chef, etc.

Currently covers:

  • S3 Bucket name bruteforce
  • IAM, EC2, S3, STS and Lambda Enumeration
  • IAM, EC2, STS, and S3 exploitation
  • SSM Enumeration + Exploitation
  • Custom HTTP User-Agent
  • Enumerate Read Privileges (working on write privs)
  • Reverse Shell
  • No creds Reconnaisance

There are currently 67 modules covering:

  • Reconnaissance
  • Enumeration
  • Exploit
  • Cleanup
  • Reverse Shell

Installation

Docker

From Dockerhub

Clone the Nebula Repo from Github and pull Nebula Docker image:

git clone https://github.com/gl4ssesbo1/Nebula
docker pull gl4ssesbo1/nebula:latest

and then run main.py through:

cd Nebula
docker run -v $(pwd):/app -ti gl4ssesbo1/nebula:latest main.py

Remember to not forget -v option, because it allows files to be saved on the system even after removing the docker image.

Using DockerFile

Clone the Nebula Repo from Github and build Docker image locally:

git clone https://github.com/gl4ssesbo1/Nebula
docker build -t nebula .....

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023