Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

CloudFox: Cloud Enumeration for Penetration Testing

Date:
August 21st
Time:
2pm EST / 7pm BST
CloudFox Discord workshop on cloud enumeration techniques for penetration testing.

Every penetration tester knows that proper enumeration is the key to a successful engagement; this is especially true for cloud penetration tests. However, cloud environments aren't small. In fact, you'll often see tens of thousands of resources and policies in just a single account. Without knowing the proper tools to use or what information to look for, the already daunting task of enumeration starts to look impossible. Thankfully, Bishop Fox's very own Cloudfox is available to make this difficult task manageable. In this session, Mitchell Sperling, Senior Security Consultant at Bishop Fox, will demonstrate how he uses CloudFox during cloud penetration tests to quickly enumerate large cloud environments and identify interesting attack paths. 

Speaker: Mitchell Sperling, Senior Security Consultant at Bishop Fox

Date/Time: August 21st, 2025 at 2pm EST/7pm BST

Attend Link: https://discord.com/invite/ANy...

What We'll Cover: 

  • Installing and using CloudFox
  • Parsing output to identify vulnerabilities
  • Integrating CloudFox into your current testing workflow
  • Understanding the limitations of CloudFox 

Who Should Watch:

This session is primarily geared towards penetration testers who are looking to improve their cloud enumeration capabilities. While experience with cloud environments is recomemnded, the session is designed to be a beginner-friendly introduction to CloudFox and using it to effectively enumerate cloud environments.

Related Events

Extend your knowledge with these related events and webcasts.

Screenshot of a Cloud Security Podcast interview featuring a demo of CloudFoxable, a gamified cloud hacking sandbox developed by the Bishop Fox cloud penetration testing team.
Workshops & Training

CloudFoxable: A Practical Demo of AWS Cloud Security Misconfiguration Attacks

Watch the CloudFoxable demo to see a gamified cloud hacking sandbox where users can find latent attack paths in an intentionally vulnerable AWS environment.

Learn More
Virtual session titled 'Architecting Cloud Security Testing in the GenAI Era' featuring modern typography and abstract technical design elements.
Virtual Session

Architecting Cloud Security Testing in the GenAI Era

Join Steven Smiley and Jessica Stinson for a deep dive into how early-stage architectural reviews can transform the effectiveness of your testing. Whether you're navigating IAM setups or preparing to tackle GenAI risks in cloud environments, this session has the clarity and direction you need to test smarter—not just harder.

Learn More
Dark purple background with CloudFox text. Fox face wearing old fashioned aviator helmet.
Technical

Sep 13, 2022

Introducing: CloudFox

By Seth Art, Carlos Vendramini

Ready to get started? We can help.

Contact Us

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.