Bishop Fox named “Leader” in 2024 GigaOm Radar for Attack Surface Management. Read the Report ›

Cloud Security Podcast: CloudFoxable Demo

Watch the CloudFoxable demo to see a gamified cloud hacking sandbox where users can find latent attack paths in an intentionally vulnerable AWS environment.

If you are looking to get hands-on experience in cloud environments and already enjoy using CloudFox, CloudFoxable is an important addition to any hacker's toolkit. CloudFoxable offers a gamified cloud hacking sandbox that allows users to find latent attack paths in an intentionally vulnerable AWS environment. Drawing inspiration from CloudGoat,, and Metasploitable, CloudFoxable has a variety of challenges, flags and attack paths in a CTF format. 

Tool creator, Seth Art, joined Cloud Security Podcast for a walkthrough of CloudFoxable and shared helpful tips and tricks that you can apply in your own cloud hacking journey.

CloudFoxable Demo: 

00:00 Introduction 
01:55 What is cloudfoxable?
03:19 Who is cloudfoxable for?
03:39 Walkthrough Challenge 1
08:32 What is CTF?
11:41 Walkthrough 2nd Challenge
30:42 SSO
33:57 CICD Pipeline

Seth art

About the author, Seth Art

Principal Security Consultant

Seth Art (OSCP) is a Principal Security Consultant at Bishop Fox, where he currently focuses on penetration testing cloud environments, Kubernetes clusters, and traditional internal networks.

Seth is the author of multiple open-source projects including CloudFox, CloudFoxable, IAM Vulnerable, Bad Pods, celeryStalk, and PyCodeInjection. He has presented at security conferences, including fwd:cloudsec, DerbyCon, and BSidesDC, published multiple CVEs, and is the founder of IthacaSec, a security meetup in upstate NY.

More by Seth

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.