RedCloud OS: A Cloud Adversary Simulation Platform for Red Teams

RedCloud OS is a Debian-based Cloud Adversary Simulation Operating System designed for Red Teams to assess the security of leading Cloud Service Providers (CSPs).

Built on Parrot OS, it offers a suite of tools optimized for adversary simulation tasks across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). This guide will walk you through its features, setup, and usage.

System Requirements

To run RedCloud OS effectively, ensure your system meets the following specifications:

  • Platform: VMware Workstation (VMware Player may work but is untested)

  • RAM: 8GB+ recommended; 4GB minimum

  • CPU Cores: 4+ cores recommended; 2 cores minimum

Credentials

  • Username: cwl

  • Password: redcloud

Available Tools

RedCloud OS comes preloaded with a variety of tools categorized by CSPs and their use cases. Below is a breakdown:

AWS Tools

  • AWSCLI

  • AWS Consoler

  • AWS Escalate

  • CloudCopy

  • CloudJack

  • CloudMapper

  • CredKing

  • Endgame

  • Pacu

  • Redboto

  • weirdAAL

Azure Tools

  • AADCookieSpoof

  • AADInternals

  • AZ CLI

  • AzureAD

  • AzureHound

  • BloodHound

  • DCToolbox

  • MFASweep

  • MicroBurst

  • Microsoft365 devicePhish

  • MS Graph

  • PowerUpSQL

  • ROADtools

  • TeamFiltration

  • TokenTactics

GCP Tools

  • Gcloud CLI

  • GCPBucketBrute

  • GCP Delegation

  • GCP Enum

  • GCP Firewall Enum

  • GCP IAM Collector

  • GCP IAM Privilege Escalation

  • GCPTokenReuse

  • GoogleWorkspaceDirectoryDump

  • Hayat

Multi-cloud Tools

These tools work across multiple CSPs:

  • Cartography

  • CCAT

  • CloudBrute

  • CloudEnum

  • Cloud Service Enum

  • Evilginx2

  • Gitleaks

  • Impacket

  • Leonidas

  • Modlishka

  • Mose

  • PurplePanda

  • Responder

  • ScoutSuite

  • SkyArk

  • Zphisher

Installation and Setup

Downloading RedCloud OS

  1. Download the 7z archive from the official source.

  2. Extract the archive using a tool like 7-Zip.

  3. Open VMware Workstation and navigate to:

    • File > Open (Ctrl + O)

    • Browse to the extracted folder and select RedCloud OS.ovf.

  4. Click "Import" to load the virtual machine.

Usage

RedCloud OS organizes tools by CSPs, with subcategories for Enumeration, Exploitation, and Post Exploitation. The default terminal is Terminator, optimized for multitasking.

You can launch tools in four ways:

  1. By clicking their menu launchers.

  2. Running the startup.sh script in the respective /opt/ folder.

  3. Executing the startup script located in /usr/local/bin.

  4. Using TAB autocomplete to search for binaries by tool name.

Note: PowerShell-based tools start with capital letters, while others use lowercase.

Environment Variables Setup

Some tools require specific environment variables. Below are examples:

AWS

export AWS_ACCESS_KEY_ID=<access_key_id>

export AWS_SECRET_ACCESS_KEY=<access_key>

export AWS_DEFAULT_REGION=<region>

Azure

export AZURE_CLIENT_ID=<app-id>

export AZURE_TENANT_ID=<tenant-id>

export AZURE_CLIENT_SECRET=<app-secret>

GCP

export GOOGLE_APPLICATION_CREDENTIALS=<Service Account Json File Path>
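
A preflight check for the variables listed above, as an added example that is not part of RedCloud OS or its scripts. The function names required_vars and check_csp_env are hypothetical; the check reports variable names only, so secret values stay out of terminal scrollback and logs, and it treats a group- or world-accessible GCP key file as a failure.

```shell
#!/bin/sh
# Added example: preflight check for the provider variables listed above.
# Reports variable *names* only; values are never printed.

# required_vars <aws|azure|gcp>: prints the variable names for a provider.
required_vars() {
    case "$1" in
        aws)   echo "AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_DEFAULT_REGION" ;;
        azure) echo "AZURE_CLIENT_ID AZURE_TENANT_ID AZURE_CLIENT_SECRET" ;;
        gcp)   echo "GOOGLE_APPLICATION_CREDENTIALS" ;;
        *)     return 2 ;;
    esac
}

# check_csp_env <provider>: 0 = ready, 1 = missing or unsafe, 2 = unknown provider.
check_csp_env() {
    vars=$(required_vars "$1") || { echo "unknown provider: $1" >&2; return 2; }
    rc=0
    for name in $vars; do
        # printenv only sees exported variables, which is what child tools inherit.
        if [ -z "$(printenv "$name")" ]; then
            echo "missing or not exported: $name" >&2
            rc=1
        fi
    done
    if [ "$1" = gcp ] && [ "$rc" -eq 0 ]; then
        key=$(printenv GOOGLE_APPLICATION_CREDENTIALS)
        if [ ! -r "$key" ]; then
            echo "key file not readable: $key" >&2
            rc=1
        elif [ "$(ls -ld -- "$key" | cut -c5-10)" != "------" ]; then
            # Service account keys are long-lived secrets: owner-only access.
            echo "key file is group/world accessible, run: chmod 600 $key" >&2
            rc=1
        fi
    fi
    return "$rc"
}
```

Call it as check_csp_env aws (or azure, gcp) before launching a tool; a non-zero status means the session is not ready.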

Aliases

For convenience, several aliases are pre-configured in the user account:

alias c='clear'

alias a='nano ~/.bash_aliases'

alias s='source ~/.bash_aliases'

alias v='python3 -m venv venv && source venv/bin/activate'

alias d='deactivate'

alias p='pip3 install -r requirements.txt'

alias ll='ls -la'

Building RedCloud OS from Scratch

If you prefer to build RedCloud OS manually, follow these steps:

  1. Download and install Parrot OS Architect Edition 5.3 in VMware/VirtualBox.

  2. During installation, select only the Mate Desktop Environment.

  3. Once installed, clone the repository:

git clone https://github.com/RedTeamOperations/RedCloud-OS.git

  4. Navigate to the build-scripts folder and make scripts executable:

chmod +x *.sh

  5. Run the scripts in order:

    • Execute uninstall.sh first.

    • Optionally run hold.sh.

    • Finally, execute install.sh.

Optional: Use tools like Menu Editor or Dconf Editor for customization.

Learning Resources

Enhance your skills with these learning materials:

  1. AWS: AWS Cloud Red Team Specialist (CARTS)

  2. GCP: Google Cloud Red Team Specialist (CGRTS)

  3. Multi-cloud:

    • Multi-cloud Red Team Analyst (MCRTA)

    • Hybrid Multi-cloud Red Team Specialist (CHMRTS)

Future Roadmap

The development team plans to add support for Apple Silicon architecture in future updates.

Feedback and Support

RedCloud OS is an evolving project, and user feedback is crucial for improvement. Share your suggestions by creating an issue on the repository or emailing info@cyberwarfare.live with the subject line "RedCloud OS."

Acknowledgments

Special thanks to Parrot Security for providing the base operating system and to all contributors of open-source components integrated into RedCloud OS. You can learn more and download RedCloud OS on GitHub.
