Tools and Packages Overview ============================ PWNCLOUDOS is a Debian-based XFCE4 Linux distribution tailored for red, blue, and purple team operations in multi-cloud environments. All tools are organized under the `/opt/` directory by category for easier discoverability, maintenance, and contribution. AWS Tools (/opt/aws_tools/) ---------------------------- These tools assist in auditing, enumerating, and attacking AWS environments: - `AWeSomeUserFinder `_ - `aws_enumerator `_ - `github-oidc-checker `_ - `IAMGraph `_ - `pacu `_ - `pmapper `_ - `s3_account_search `_ Azure Tools (/opt/azure_tools/) ------------------------------- These tools focus on Azure infrastructure enumeration, credential abuse, and exploitation: - `AzSubEnum `_ - `azure_hound `_ - `basicblobfinder `_ - `bloodhound `_ - `exfil_exchange_mail `_ - `o365enum `_ - `o365spray `_ - `Oh365UserFinder `_ - `Omnispray `_ - `roadrecon `_ - `seamlesspass `_ GCP Tools (/opt/gcp_tools/) --------------------------- Cloud security and misconfiguration assessment tools for GCP: - `automated-cloud-misconfiguration-testing `_ - `gcp-permissions-checker `_ - `gcp_scanner `_ - `google-workspace-enum `_ - `iam-policy-visualize `_ - `sprayshark `_ - `username-anarchy `_ Multi-Cloud Tools (/opt/multi_cloud_tools/) ------------------------------------------- Tools that support AWS, Azure, and GCP in a unified manner: - `cloudfox `_ - `powerpipe `_ - `prowler `_ - `s3scanner `_ - `scoutsuite `_ - `steampipe `_ PowerShell Tools (/opt/ps_tools/) --------------------------------- Advanced post-exploitation and cloud access tooling for Windows environments: - `AADInternals `_ - `GraphRunner `_ - `invoke_modules `_ - `MFASweep `_ - `TokenTacticsV2 `_ Code Scanning Tools (/opt/code_scanning/) ----------------------------------------- Tools for static secrets detection and credential scanning in source code: - `git-secrets `_ - `trufflehog `_ Cracking Tools (/opt/cracking-tools/) ------------------------------------- Used for password hash cracking and password recovery: - `John the Ripper `_ - `Hashcat `_ Other Tools ----------- - **Terminal environments**: Zsh, PowerShell - **Browsers**: Chromium, Firefox - **Screenshot**: `Flameshot `_ - **Web Proxy**: - `CAIDO `__ - `BurpSuite Community `__ - **Fuzzing**: `ffuf `_ - **Cloud SDKs**: - `AWS CLI `_ - `Azure CLI `_ Python Tools Installed via pipx ------------------------------- Installed into isolated environments and exposed via PATH: - azure-cli 2.65.0 - iamgraph 0.1.0 - `impacket` 0.12.0 — `GitHub `_ - pacu 1.6.0 - principalmapper (pmapper) 1.1.5 - prowler 5.0.5 - roadtools 0.0.1 - s3-account-search 0.2.1 - scoutsuite 5.14.0 - seamlesspass 0.0.1 - trufflehog 2.2.1 Desktop Environment and Theme ------------------------------- PWNCLOUDOS provides a modern and user-friendly graphical interface built on **XFCE**, customized with stylish fonts, icons, and dark themes to enhance usability for cloud professionals. **Current UI Stack:** - **Desktop Environment:** XFCE 4.18.1 - **GTK Theme:** Fluent-pink-Dark 🔗 https://github.com/vinceliuice/Fluent-gtk-theme - **Icon Theme:** Fluent-pink-dark 🔗 https://github.com/vinceliuice/Fluent-icon-theme - **Cursor Theme:** Default system cursor - **Font:** JetBrainsMono Nerd Font 10 🔗 https://github.com/ryanoasis/nerd-fonts/releases/download/v3.4.0/JetBrainsMono.zip **Base OS:** Debian 12 (Bookworm) 🔗 https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/ The environment is optimized for terminal-first workflows, with floating window management, hotkey accessibility, and a minimal resource footprint. Contribute ---------- Want to improve or extend PWNCLOUDOS? Start by reviewing the tooling here and submitting improvements or suggestions via `GitHub Issues `_ or join our Discord community.