CyberSecurityUP
|
2e25809a93
|
v3.5.5 — cloud infrastructure testing + REPL polish
Cloud testing:
- +17 cloud agents (agents_md/infra/) for AWS/GCP/Azure: IAM/RBAC privesc,
storage exposure (S3/GCS/Blob), compute & network exposure + IMDS, secrets
(Secrets Manager / Secret Manager / Key Vault), SA/SP key abuse, Entra ID
enum, and a multi-cloud footprint/identity recon agent. Library 348 -> 365.
- creds.yaml gains aws:/gcp:/azure: blocks (Creds::cloud). The harness exports
provider env vars (AWS_*, GOOGLE_APPLICATION_CREDENTIALS, AZURE_* SP) so
aws/gcloud/az authenticate automatically, and injects a cloud directive. GCP
inline JSON is written to a temp file. Best-practice auth per provider.
REPL polish:
- /chain <n> (attack-chain depth, wired to Session.chain_depth), /agents list
(library category counts incl. infra/cloud); /show now shows chain-depth and
enabled integrations. Tab-completion + help updated.
Docs: README badges (365 agents / 14 providers), new "Cloud credentials" section;
RELEASE notes. Version 3.5.4 -> 3.5.5.
|
2026-07-01 22:38:27 -03:00 |
|