macOS
brew install cloudfoxlocal Homebrew formula metadata
brew
Automating situational awareness for cloud penetration tests. Version 2.0.5 via Homebrew; verified 2026-06-15.
install
brew install cloudfoxlocal Homebrew formula metadata
nix profile install nixpkgs#cloudfoxnixpkgs package indexes · pkgs/by-name/cl/cloudfox/package.nix · source: api.github.com
overview
Automating situational awareness for cloud penetration tests
history
CloudFox is Bishop Fox's open-source command-line tool for cloud penetration-test situational awareness. It began as an AWS-focused offensive-security enumerator and later grew into a multi-cloud tool covering AWS, Azure, and GCP.
Bishop Fox introduced CloudFox in September 2022 as a way to turn repeated shell, JSON, and cloud-API enumeration work from cloud penetration tests into a portable CLI. The official tool page describes the inspiration as something like PowerView for cloud infrastructure: a set of enumeration commands that reveal practical attack paths.
The project kept the operational model simple for package users: a Go command-line executable with modular commands and GitHub-hosted documentation. By 2026, the CloudFox wiki described AWS, Azure, and GCP support, and Bishop Fox separately announced CloudFox GCP as a purpose-built module suite for Google Cloud attack-path identification.
CloudFox's adoption is concentrated in cloud offensive-security and assessment workflows rather than general cloud administration. Bishop Fox materials present it as a tool used in cloud penetration tests, and the public GitHub project shows a specialist but visible user base, with packaged distribution through Homebrew and Nix recorded in the batch input.
Users run CloudFox from the terminal against cloud environments to enumerate identities, permissions, resources, and likely attack paths. The official wiki documents provider-specific command families, including AWS command help and examples, while the README frames the tool as situational awareness for unfamiliar cloud environments.
For package-manager users, CloudFox is a good example of a modern security assessment tool shipped as a cross-platform Go CLI: it is easy to bottle, distribute, and keep close to upstream releases. Its value in Homebrew is that a practitioner can install a cloud-enumeration toolkit without cloning a repository or managing language-specific runtime setup.
security posture
escape, surveillance, or offensive capability signal. infrastructure mutation or orchestration signal.
red risk · medium confidence · escape-surveillance-offensive
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
cloudfox | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/BishopFox/cloudfox
install metadata
| Package key | brew:cloudfox |
|---|---|
| Version | 2.0.5 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/cloudfox |
| Homepage | https://bishopfox.com/blog/introducing-cloudfox |
| Repository | https://github.com/BishopFox/cloudfox |
| Upstream docs | https://github.com/BishopFox/cloudfox#readme |
| License | MIT |
| Source archive | https://github.com/BishopFox/cloudfox/archive/refs/tags/v2.0.5.tar.gz |
| Last updated | 2026-06-15T10:20:13-04:00 |
| Pulse | updated |
| Build dependencies | go |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | cloudfox |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
cloudfox
nix profile install nixpkgs#cloudfoxsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.