This repo contains observations and findings that are useful to attackers looking to target IBM Cloud or apps and services being run by customers who use the IBM Cloud.

This repository and the research was 1st presented at fwd:cloudsec 2021. The slides for the presentation are listed below.

• An Attacker's Approach to Pentesting IBM Cloud - Slides

Things uncovered while trying to identify the external footprint of IBM Cloud. Contains potential IP ranges, examples of Shodan/Censys findings etc.

• Public OSINT and identifying IBM cloud things

Things uncovered when looking at IBM Cloud storage, the kind of storage types available, object storage, naming convention, tools to discover etc.

• IBM Cloud Storage related things

Exploring the IBM Cloud shell environment and any interesting things that I came across.

• IBM Cloud shell

Exploring the IBM Cloud Functions service and the internal environment for the functions using a reverse shell.

• IBM Cloud Functions

IBMs previous generation of virtual machines on x86 available in all IBM Cloud locations worldwide.

• IBM Cloud Virtual Server for Classic

Exploring the IBM Cloud Database services and recording interesting observations

• IBM Cloud Databases

Additional work that needs to be done to bring the research into better shape

• Future work