1. Cloud Scanner

Cloud Scanner

About this tool

The Cloud Vulnerability Scanner evaluates multi-cloud environments (Amazon Web Services - AWS, Google Cloud Platform - GCP and Microsoft Azure - Azure) to identify misconfigurations, vulnerabilities, weak access controls, interesting files, and other security issues.

A penetration tester can use the tool to discover and confirm security vulnerabilities in cloud infrastructure and report them.

The Cloud Vulnerability Scanner is an advanced and comprehensive cloud security solution designed to perform vulnerability scans against cloud environments both from the outside and from within.

The scanner supports major cloud service providers (AWS, GCP and Azure) and allows security and IT specialists to surface vulnerabilities across their entire cloud infrastructure, regardless of the cloud platform their targets use.

Continuous monitoring is a key aspect of our Cloud Vulnerability Scanner which ensures cloud infrastructures remain secure and compliant over time. The scanner can be configured to perform regular scans, detect emerging vulnerabilities, and provide real-time notifications to relevant stakeholders so they can act quickly to remediate issues.

Offensive security specialists can export detailed reports from Cloud Scanner findings ranked by severity, along with individual risk levels and remediation guidance. Security and IT teams can use these guidelines to address vulnerabilities, errors, and misconfigurations quickly and efficiently.

Integration and automation capabilities make the Cloud Vulnerability Scanner a seamless fit within existing security ecosystems. The user-friendly, cloud-based dashboard is easy to access and provides a comprehensive overview of vulnerability scan results. Security and IT managers can also easily aggregate findings into reports and share them with their teams.

Using our Cloud Vulnerability Scanner, organizations can keep track of their cloud environments' exposure and reduce the risk of data breaches, unauthorized access, and service disruptions. The tool also improves accuracy in vulnerability management and saves time and costs compared to manual security assessments.

Security and IT pros can delve deeper into Cloud Scanner findings with 20+ connected tools which help them validate vulnerabilities and demonstrate the real business risk they pose.


  • Target: Specifies the system to be scanned. Target can be an IP address, hostname or URL.

    If you want to scan an AWS S3 bucket, you can input it in the URL form: http(s)://<bucket_name>.s3.amazonaws.com

    If you want to scan a Google Cloud Storage bucket, you can input it in the URL form: https://storage.googleapis.com/storage/v1/b/<bucket_name>

  • Detect cloud provider: If enabled, the tool will attempt to detect the cloud provider of the target system.

  • Detect cloud vulnerabilities & misconfigurations: If enabled, the tool will check the target system for any vulnerabilities or misconfigurations in AWS and GCP systems.

    If the Detect cloud provider option is disabled, the tool will perform all the tests for all currently supported cloud providers on the target, otherwise, it will only test for vulnerabilities and misconfigurations specific to the provider that it detects.

How it works

The Cloud Vulnerability Scanner currently incorporates scanning techniques that detect:

  • the cloud provider

  • AWS S3 and Google Cloud Storage buckets

  • AWS S3 and Google Cloud Storage ACLs

  • overly permissive configurations

  • interesting files inside AWS S3 and Google Cloud Storage buckets (wp-config, backup, keys, etc.)