cloudtoolkit

module
v0.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 19, 2026 License: MIT

README

CloudToolKit

Interactive multi-cloud security assessment framework.

Features

  • Multi-Cloud Support - Alibaba, Tencent, Huawei, AWS, Azure, GCP, Volcengine, JDCloud
  • Asset Enumeration - Hosts, databases, storage buckets, domains, IAM users
  • Security Testing - Backdoor user creation, command execution, bucket dumping
  • Interactive CLI - Tab completion, session management, credential caching

Quick Start

# Download from releases or build from source
go build --ldflags "-s -w" -trimpath -o ctk cmd/main.go

# Run interactive console
./ctk

Supported Capabilities

Provider Enumeration Security Testing
Alibaba Cloud ECS, OSS, RAM, RDS, DNS, SLS, SMS backdoor-user, bucket-dump, exec-command, event-dump, database-account
Tencent Cloud CVM, Lighthouse, COS, CAM, CDB, DNSPod backdoor-user, exec-command
Huawei Cloud ECS, OBS, IAM, RDS backdoor-user
AWS EC2, S3, IAM backdoor-user, bucket-dump
Azure Virtual Machines, Blob Storage -
GCP Compute Engine, Cloud DNS, IAM -
Volcengine ECS, IAM -
JDCloud VM, IAM, OSS -

Documentation

See Wiki for detailed usage.

Acknowledgements

Directories

Path Synopsis
pkg
inventory
plugins
providers/alibaba
providers/alibaba/api
providers/alibaba/auth
providers/alibaba/bss
providers/alibaba/dns
providers/alibaba/ecs
providers/alibaba/iam
providers/alibaba/oss
providers/alibaba/rds
providers/alibaba/sas
providers/alibaba/sls
providers/alibaba/sms
providers/aws
providers/aws/api
providers/aws/auth
providers/aws/ec2
providers/aws/iam
providers/aws/internal/arnutil
providers/aws/s3
providers/azure
providers/azure/activeDirectory
providers/azure/compute
providers/azure/storage
providers/gcp
providers/gcp/compute
providers/gcp/dns
providers/gcp/iam
providers/gcp/request
providers/huawei
providers/huawei/api
providers/huawei/auth
providers/huawei/bss
providers/huawei/ecs
providers/huawei/endpoint
Package endpoint builds Huawei Cloud service endpoint URLs without going through the official SDK's region.ValueOf() lookup.
 Package endpoint builds Huawei Cloud service endpoint URLs without going through the official SDK's region.ValueOf() lookup.
providers/huawei/iam
providers/huawei/obs
providers/huawei/rds
providers/jdcloud
providers/jdcloud/iam
providers/jdcloud/oss
providers/jdcloud/vm
providers/tencent
providers/tencent/api
providers/tencent/auth
providers/tencent/billing
providers/tencent/cdb
providers/tencent/cos
providers/tencent/cvm
providers/tencent/dns
providers/tencent/iam
providers/tencent/lighthouse
providers/tencent/tat
providers/volcengine
providers/volcengine/billing
providers/volcengine/ecs
providers/volcengine/iam
runtime/paginate
Package paginate provides a thin generic skeleton for SDK pagination loops.
 Package paginate provides a thin generic skeleton for SDK pagination loops.
runtime/regionrun
Package regionrun runs per-region enumeration callbacks in parallel with a bounded concurrency.
 Package regionrun runs per-region enumeration callbacks in parallel with a bounded concurrency.
schema
console
payloads
argparse
Package argparse splits payload metadata strings into tokens with shell-style quoting so values containing spaces (passwords, etc.) survive intact.
 Package argparse splits payload metadata strings into tokens with shell-style quoting so values containing spaces (passwords, etc.) survive intact.
audit
cache
confirm
logger
processbar

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.