Enumeration is the cornerstone of every successful penetration test; yet in the cloud, the challenge scales dramatically. With tens of thousands of resources and policies in a single account, the process can quickly feel overwhelming without the right approach or tooling.

Enter CloudFox, Bishop Fox’s open-source tool built to help penetration testers cut through the noise and uncover meaningful attack paths in sprawling cloud environments.

In this hands-on virtual session, Mitchell Sperling, Senior Security Consultant at Bishop Fox, will demonstrate how he uses CloudFox to streamline enumeration, parse results for potential vulnerabilities, and integrate findings into real-world testing workflows. Using a live testing environment, Mitchell will guide attendees step by step, and you’ll have the opportunity to join in, follow along, and experiment with CloudFox yourself.

What You’ll Learn:

1. Installing and using CloudFox effectively
2. Parsing output to uncover vulnerabilities and attack paths
3. Integrating CloudFox into your penetration testing workflow
4. Understanding current limitations and best practices

Who Should Attend:

Penetration testers and security practitioners seeking to strengthen their cloud testing capabilities. While some familiarity with cloud environments is helpful, the session is designed as a beginner-friendly introduction to CloudFox.