This repo contains observations and findings that are useful to attackers looking to target IBM Cloud or apps and services being run by customers who use the IBM Cloud.
This repository and the research was 1st presented at fwd:cloudsec 2021. The slides for the presentation are listed below.
Things uncovered while trying to identify the external footprint of IBM Cloud. Contains potential IP ranges, examples of Shodan/Censys findings etc.
Things uncovered when looking at IBM Cloud storage, the kind of storage types available, object storage, naming convention, tools to discover etc.
Exploring the IBM Cloud shell environment and any interesting things that I came across.
Exploring the IBM Cloud Functions service and the internal environment for the functions using a reverse shell.
IBMs previous generation of virtual machines on x86 available in all IBM Cloud locations worldwide.
Exploring the IBM Cloud Database services and recording interesting observations
Additional work that needs to be done to bring the research into better shape