Skip to content

Latest commit

 

History

History
204 lines (130 loc) · 8.94 KB

README_EN.md

File metadata and controls

204 lines (130 loc) · 8.94 KB



GitHub stars GitHub releases License Downloads Go Report Card tweet Twitter Github

中文 | English


CF is a cloud exploitation framework, It can facilitate the work of the red team after obtaining access key.

CF releases: github.com/teamssix/cf/releases

Current Supported Clouds:

  • Alibaba Cloud
  • Tencent Cloud
  • AWS
  • Huawei Cloud

Manual

For detailed manuals, please visit: wiki.teamssix.com/cf

The manual currently supports Chinese only

Install

Download the compressed files corresponding to the system in the CF download url: github.com/teamssix/cf/releases, decompressing it and run it in the command line.

The following systems are currently supported
File name System Architecture Bit
cf_x.x.x_darwin_amd64.tar.gz MacOS AMD (Mac for Intel chips) 64
cf_x.x.x_darwin_arm64.tar.gz MacOS ARM (Mac for Apple M Series Chips) 64
cf_x.x.x_linux_386.tar.gz Linux AMD 32
cf_x.x.x_linux_amd64.tar.gz Linux AMD 64
cf_x.x.x_linux_arm64.tar.gz Linux ARM 64
cf_x.x.x_windows_386.zip Windows AMD 32
cf_x.x.x_windows_amd64.zip Windows AMD 64
cf_x.x.x_windows_arm64.zip Windows ARM 64

Cases

Title Version Article URL Author Release Time
《一次简单的"云"上野战记录》 v0.4.2 https://mp.weixin.qq.com/s/wi8C... carrypan 2022.10.19
《记录一次平平无奇的云上攻防过程》 v0.4.0 https://zone.huoxian.cn/d/2557 TeamsSix 2022.9.14
《我用 CF 打穿了他的云上内网》 v0.2.4 https://zone.huoxian.cn/d/1341-cf TeamsSix 2022.7.13

Easy to start

Here is the example of Alibaba Cloud, other more operations can be viewed in the user manual.

Configuration

cf config

One-click access to current access credentials

cf alibaba perm

One-click to take over the console

cf alibaba console

One-click listing of cloud service resources with current access credentials

cf alibaba ls

View the help information for the operation of the command executed by CF for the instance

cf alibaba ecs exec -h

One-click command to execute proof of privilege for all instances

cf alibaba ecs exec -b

One-click access to temporary access credential data in instances

cf alibaba ecs exec -m

One-click download of OSS object storage data

cf alibaba oss obj get

One-Click Upgrade CF Version

cf upgrade

If it feels good, maybe you can give me a Star ~

Contributor

Thank you for your contributions to CF, A note on contributions: CONTRIBUTING

404Starlink

CF has joined 404Starlink

More

If you are interested in cloud security, you can see my other project Awesome Cloud Security , many cloud security resources are included here.

If these cloud security resources are still not enough for you, check out my cloud security knowledge base), where I have a lot of notes and articles in the direction of cloud security.

Finally, the following is my personal wechat official accounts, welcome to follow ~

If you would like to work with me on this, you can join the team by sending your resume to admin@wgpsec.org.

Warning

  • This tool can only be used in legal scenarios and is strictly forbidden to be used in illegal scenarios.
  • The risks involved in this tool are the responsibility of the tenant and not the cloud providers.

Thank you for using my tool.