CLI Module Reference

WebbinRoot edited this page Apr 2, 2026 · 1 revision

If you are new to OCI or OCInferno, read Getting Started first.

This reference is generated from the current module mappings and parser flags in source code.

Exploitation Module Notes (COMING_SOON)

  • Exploitation modules are temporarily deferred for the V1 release milestone

Runner Flags (modules run)

These are wrapper-level flags handled by modules run before module-specific flags are passed through.

Flag Purpose
--cids <ocid...> Run against explicit compartment IDs (space/comma supported).
--current-cid Run against only current session compartment.
--all-cids Run against all discovered compartments in workspace context.
--proxy <url> Override workspace proxy config for this run only.
-v, --debug Enable debug logging for this run.
--save / --no-save Force enable/disable DB persistence for this run. By default, persistence follows config module_auto_save (default True).
--get Pass --get to modules that support it (for example, call GetUser on each user after calling ListUsers).
--download [tokens...] Pass --download to modules that support it. For enum_all, optional tokens are supported (for example --download buckets api_specs).

Everything Modules

enum_all

  • Service Group: Everything
  • Example Resources: Compartments, IAM principals/domains, networking, storage, registries, vault resources (cross-service coverage).
  • Category: Enumeration
  • Module Path: modules.everything.enumeration.enum_all
  • Author: Scott (@WebbinRoot)
  • What It Does: Run cross-service enumeration in dependency order

Get/Download Notes

  • --get is supported and is passed through to submodules that implement detail enrichment.
  • No download flags means no download routing.
  • --download with no tokens downloads all token groups.
  • --download <tokens...> downloads only those token groups.
  • --not-downloads <tokens...> by itself means "download all except these tokens".
  • If both --download and --not-downloads are provided, exclusions are subtracted from the selected download set.
  • Default download paths:
    • Root: ./ocinferno_output/<workspace>/downloads/ (module-specific subpaths below).
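
The selection rules above, written out as an added example (not OCInferno's own code) so the outcome of each flag combination can be checked before a run. The function names are hypothetical, and the sketch assumes every token is an independent name and that "all" expands to every other token; any grouping or aliasing between tokens in the tool itself is not modelled.

```python
import argparse

# Token names copied from the --download row of the enum_all flag table ("all" handled separately).
DOWNLOAD_TOKENS = (
    "api_content", "api_specs", "artifacts", "blobs", "buckets", "compute",
    "iot_instances", "iot_models", "object_storage", "objects", "orm_jobs",
    "orm_templates", "orm_variables", "sdks", "vault_secrets",
)


def split_tokens(values):
    """Flatten ['a,b', 'c'] into ['a', 'b', 'c']: CSV and space separation are both accepted."""
    out = []
    for value in values or []:
        out.extend(part.strip().lower() for part in value.split(",") if part.strip())
    return out


def expand(tokens, flag):
    """Validate tokens and expand 'all' (assumption: 'all' means every known token)."""
    selected = set()
    for token in tokens:
        if token == "all":
            selected.update(DOWNLOAD_TOKENS)
        elif token in DOWNLOAD_TOKENS:
            selected.add(token)
        else:
            raise ValueError(f"unknown token for {flag}: {token!r}")
    return selected


def build_parser():
    """Hypothetical parser holding only the two download flags, both nargs=* as in the table."""
    parser = argparse.ArgumentParser(prog="enum_all", add_help=False, allow_abbrev=False)
    # default=None separates "flag absent" (None) from "flag given with no tokens" ([]).
    parser.add_argument("--download", nargs="*", default=None)
    parser.add_argument("--not-downloads", nargs="*", default=None)
    return parser


def resolve_downloads(argv):
    """Return the set of download tokens a given enum_all argument list selects."""
    # Other enum_all flags (--comp, --modules ...) are ignored by this sketch.
    args, _other_flags = build_parser().parse_known_args(argv)

    # Rule 1: no download flags means no download routing.
    if args.download is None and args.not_downloads is None:
        return set()

    include = split_tokens(args.download)
    exclude = split_tokens(args.not_downloads)

    # Rules 2-4: bare --download, or --not-downloads by itself, starts from everything;
    # --download <tokens...> starts from just those tokens.
    selected = expand(include, "--download") if include else set(DOWNLOAD_TOKENS)

    # Rule 5: exclusions are subtracted from whatever was selected.
    return selected - expand(exclude, "--not-downloads")


if __name__ == "__main__":
    # Constructed argument lists covering each rule.
    for argv in (
        ["--comp", "--opengraph"],
        ["--comp", "--opengraph", "--download"],
        ["--download", "buckets,orm_variables", "api_content"],
        ["--not-downloads", "api_specs,sdks"],
        ["--download", "buckets", "objects", "--not-downloads", "objects"],
    ):
        print(" ".join(argv), "->", sorted(resolve_downloads(argv)))
```
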

Supported Flags

Flag(s) Description Details
--comp Enumerate compartments first via enum_comp. Current scope: also scans newly-discovered compartments in the SAME run. All scope: refreshes discovery then scans all discovered compartments. action=store_true
--config-check Run config_check once (after scans). action=store_true
--download Enable download routing for enum_all. Examples: --download (all downloads); --download buckets (object storage content); --download buckets,orm_variables api_content. Available tokens: all, api_content, api_specs, artifacts, blobs, buckets, compute, iot_instances, iot_models, object_storage, objects, orm_jobs, orm_templates, orm_variables, sdks, vault_secrets. nargs=*
--modules Run only selected service groups (CSV/space separated). Examples: --modules dns,devops OR --modules dns devops. Available modules: api_gateway, artifact_registry, blockchain, cloud_guard, compartments, container_instances, container_registry, core_block_storage, core_compute, core_network, data_flow, data_science, databases, desktops, devops, dns, file_storage, functions, identity, iot, kubernetes, logging, managed_kafka, network_firewall, network_load_balancer, notifications, object_storage, resource_manager, resource_scheduler, vault. nargs=*
--no-recursive-compartments Do not recursively expand from root compartment(s). When set, enum_all scans only the provided root target compartment(s). action=store_true
--not-downloads Exclude download token groups (CSV/space separated). Examples: --download --not-downloads object_storage; --not-downloads api_specs,sdks. Uses the same download tokens listed under --download. nargs=*
--not-modules Exclude selected service groups (CSV/space separated). Example: --not-modules object_storage Uses the same module tokens listed under --modules. nargs=*
--opengraph Run OpenGraph once (after scans). action=store_true

Example Module Commands

# Common use case: Enumerate everything, graph everything, and download all token groups.
modules run enum_all --comp --opengraph --download

# TLDR: Enumerate and download all EXCEPT object storage token groups.
modules run enum_all --not-downloads object_storage

# TLDR: Run full cross-service enumeration with no download routing.
modules run enum_all

# TLDR: Run selected service groups with detail enrichment.
modules run enum_all --comp --modules identity,core_network --get

# TLDR: Run selected services and download only selected artifact/content groups.
modules run enum_all --modules object_storage,resource_manager --download buckets,orm_variables

# TLDR: Run selected services and download only selected artifact/content groups.
modules run enum_all --comp --no-recursive-compartments --modules vault --download vault_secrets

enum_config_check

  • Service Group: Everything
  • Example Resources: Saved config-audit findings, misconfiguration checks, compliance/risk signals derived from enumerated data.
  • Category: Enumeration
  • Module Path: modules.everything.enumeration.enum_config_check
  • Author: Scott (@WebbinRoot)
  • What It Does: Run saved-data configuration audits

Supported Flags

Flag(s) Description Details
--json-out Write findings JSON to a file path.
--quiet Do not print report (still stores on session). action=store_true
--services Comma-separated services to audit (default: all). Example: api_gateway,artifact_registry,bastion,blockchain,block_storage,cache,cloud_guard,compute,compute_instance_agent,container_registry,data_science,database,devops,dns,email,file_storage,functions,identity,identity_domains,iot,kubernetes,logging,managed_kafka,network_firewall,network_load_balancer,networking,notifications,object_storage,resource_manager,vault

Example Module Commands

# TLDR: Run module with default behavior and current scope.
modules run enum_config_check
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_config_check --services iam,network --json-out ./ocinferno_output/config-check.json
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_config_check --quiet

OpenGraph Modules

enum_oracle_cloud_hound_data

  • Service Group: OpenGraph
  • Example Resources: OpenGraph nodes/edges, IAM relationship graph, CloudHound export JSON.
  • Category: Enumeration
  • Module Path: modules.opengraph.enumeration.enum_oracle_cloud_hound_data
  • Author: Scott (@WebbinRoot)
  • What It Does: Build OpenGraph nodes/edges and export OCI CloudHound JSON

Supported Flags

Flag(s) Description Details
--apply-custom-node-attributes Push OCI custom node styles to BloodHound custom-nodes API after export. action=store_true
--cond-eval IAM: attempt conditional evaluation action=store_true; dest=conditional_evaluation
--custom-nodes-token Bearer token for custom-nodes API (or set OCINFERNO_CUSTOM_NODES_TOKEN).
--custom-nodes-url BloodHound custom-nodes API endpoint. default=http://127.0.0.1:8080/api/v2/custom-nodes
--debug Enable debug logging action=store_true
--debug-report Write a debug report JSON alongside output action=store_true
--drop-no-cond-perms IAM: drop conditionals with no effective permissions. Modes: time, general, all (comma-separated; blank => all). nargs=?; default=(False, False); metavar=MODES
--dynamic-groups Run only the dynamic-group membership build step. action=store_true; dest=dynamic_groups_only
--expand-inherited IAM: expand inherited scope/location edges. action=store_true; dest=expand_inheritance
--export-only Skip builds; only export opengraph_* tables action=store_true
--groups Run only the group membership build step. action=store_true; dest=groups_only
--include-all IAM: include all parsed IAM edges/nodes (not only default allowlist output). action=store_true
--infer-domain IAM: infer identity domains (optional domain hint; blank => Default). nargs=?; metavar=DOMAIN
--out Output JSON path (default: session-managed export path)
--reset Delete opengraph tables before build action=store_true

Example Module Commands

# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_oracle_cloud_hound_data --reset
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_oracle_cloud_hound_data --export-only --out ./ocinferno_output/opengraph.json
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_oracle_cloud_hound_data --expand-inherited --infer-domain

Enumeration Modules

enum_apigateway

  • Service Group: ApiGateway
  • Example Resources: Gateways, APIs, deployments, SDK artifacts.
  • Category: Enumeration
  • Module Path: modules.apigateway.enumeration.enum_apigateway
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate API Gateway resources

Get/Download Notes

  • --download is supported and downloads API content and deployment specifications.
  • With --curl-from-openapi, downloaded OpenAPI content is used to generate curl templates.
  • Default paths:
    • API content: ./ocinferno_output/<workspace>/downloads/api-gateway/<compartment_id>/api-content/<api_id>/api_content.<ext>
    • Deployment spec: ./ocinferno_output/<workspace>/downloads/api-gateway/<compartment_id>/api-spec/<api_id>/deployment_spec.<ext>
    • Curl templates (--curl-from-openapi): ./ocinferno_output/<workspace>/downloads/api-gateway/<compartment_id>/api-content/<api_id>/curl_requests.sh

Supported Flags

Flag(s) Description Details
--api-ids API OCID scope for SDK filtering (repeatable, CSV supported) action=append
--apis Enumerate APIs action=store_true
--base-url Optional base URL for generated curl templates
--curl-from-openapi Generate curl templates from downloaded OpenAPI action=store_true
--deployments Enumerate deployments action=store_true
--gateway-ids Gateway OCID scope (repeatable, CSV supported) action=append
--gateways Enumerate gateways action=store_true
--sdk-id SDK OCID scope
--sdks Enumerate SDKs action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_apigateway
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_apigateway --download
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_apigateway --gateway-ids <gateway_ocid> --download
# TLDR: Download artifacts and generate curl templates from OpenAPI content.
modules run enum_apigateway --download --curl-from-openapi --base-url https://example.org

enum_artifactregistry

  • Service Group: ArtifactRegistry
  • Example Resources: Artifact repositories, generic artifacts (paths/versions), downloadable artifact payloads.
  • Category: Enumeration
  • Module Path: modules.artifactregistry.enumeration.enum_artifactregistry
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Artifact Registry resources

Get/Download Notes

  • --get is supported for repository detail enrichment.
  • --download is supported for generic artifact content retrieval.
  • Default download paths:
    • ./ocinferno_output/<workspace>/downloads/artifactregistry/<compartment_id>/...

Supported Flags

Flag(s) Description Details
--all Download all versions action=store_true
--artifacts Enumerate artifacts action=store_true
--latest Download latest version per artifact path action=store_true
--out-dir Override download output directory
--path Only include artifacts matching this artifact_path
--repo-id Only enumerate artifacts in this repository OCID
--repositories Enumerate repositories action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_artifactregistry
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_artifactregistry --repo-id <repo_ocid> --download --latest
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_artifactregistry --repo-id <repo_ocid> --download --all

enum_blockchain

  • Service Group: Blockchain
  • Example Resources: Blockchain platforms, blockchain instances/related platform metadata.
  • Category: Enumeration
  • Module Path: modules.blockchain.enumeration.enum_blockchain
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Blockchain resources

Supported Flags

Flag(s) Description Details
--osns Enumerate blockchain orderer service nodes action=store_true
--patches Enumerate blockchain platform patches action=store_true
--peers Enumerate blockchain peers action=store_true
--platform-ids Blockchain platform OCID scope (repeatable, CSV supported) action=append
--platforms Enumerate blockchain platforms action=store_true
--work-requests Enumerate blockchain work requests action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_blockchain
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_blockchain --platform-ids <platform_ocid_1>,<platform_ocid_2>

enum_cloudguard

  • Service Group: CloudGuard
  • Example Resources: Cloud Guard targets, detector recipes, responder recipes, managed lists.
  • Category: Enumeration
  • Module Path: modules.cloudguard.enumeration.enum_cloudguard
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Cloud Guard resources

Get/Download Notes

  • --get is supported for target detail enrichment.

Supported Flags

Flag(s) Description Details
--data-sources Enumerate data-sources action=store_true
--detector-recipes Enumerate detector-recipes action=store_true
--managed-lists Enumerate managed-lists action=store_true
--problems Enumerate problems action=store_true
--recommendations Enumerate recommendations action=store_true
--responder-recipes Enumerate responder-recipes action=store_true
--security-policies Enumerate security-policies action=store_true
--security-recipes Enumerate security-recipes action=store_true
--security-zones Enumerate security-zones action=store_true
--targets Enumerate targets action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_cloudguard
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_cloudguard --targets --get

enum_comp

  • Service Group: IdentityClient
  • Example Resources: Tenancy root compartment, child compartments, compartment hierarchy metadata.
  • Category: Enumeration
  • Module Path: modules.identityclient.enumeration.enum_comp
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI compartments

Get/Download Notes

  • Use explicit --get-root, --get-root-only, and --get-all-comps for GetCompartment behavior.

Supported Flags

Flag(s) Description Details
--get-all-comps Run GetCompartment on root and on every discovered compartment from list calls. Useful when you want full GetCompartment metadata across the discovered set. action=store_true
--get-root Run GetCompartment on root, then run list calls according to recursive mode. action=store_true
--get-root-only Only run GetCompartment on current/root compartment. Do not run ListCompartments. action=store_true
--lifecycle Compartment lifecycle state filter (default: ACTIVE). choices=ACTIVE, INACTIVE, ALL; default=ACTIVE
--recursive Recursively enumerate sub-compartments. Tenancy root: uses ListCompartments(subtree=True). Non-tenancy root: walks recursively via repeated ListCompartments(subtree=False). action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_comp
# TLDR: Run targeted enumeration.
modules run enum_comp --recursive
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_comp --get-root-only
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_comp --get-all-comps --recursive

enum_container_instances

  • Service Group: ContainerInstances
  • Example Resources: Container instances, container instance shapes/config metadata.
  • Category: Enumeration
  • Module Path: modules.containerinstances.enumeration.enum_container_instances
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Container Instances

Get/Download Notes

  • --get is supported for container instance detail enrichment.

Supported Flags

  • No module-specific flags discovered from parser definitions.

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_container_instances
# TLDR: Run targeted enumeration.
modules run enum_container_instances --cids <compartment_ocid>

enum_containerregistry

  • Service Group: ContainerRegistry
  • Example Resources: Container repositories, image/tag metadata (Container Registry).
  • Category: Enumeration
  • Module Path: modules.containerregistry.enumeration.enum_containerregistry
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Container Registry resources

Supported Flags

Flag(s) Description Details
--images Enumerate container images action=store_true
--repo-id Only enumerate images in this container repository OCID
--repositories Enumerate container repositories action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_containerregistry

enum_core_block_storage

  • Service Group: Core
  • Example Resources: Block volumes, boot volumes, volume backups, boot volume backups.
  • Category: Enumeration
  • Module Path: modules.core.enumeration.enum_core_block_storage
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Core Block Storage resources

Get/Download Notes

  • --get is supported for block/boot volume detail enrichment.

Supported Flags

Flag(s) Description Details
--availability-domain Availability domain (used for boot volumes)
--boot-volume-backups Enumerate boot volume backups action=store_true
--boot-volumes Enumerate boot volumes action=store_true
--volume-backups Enumerate volume backups action=store_true
--volumes Enumerate block volumes action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_core_block_storage
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_core_block_storage --volumes --volume-backups --get
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_core_block_storage --boot-volumes --boot-volume-backups --availability-domain <ad_name>

enum_core_compute

  • Service Group: Core
  • Example Resources: Compute instances, images, instance pools/configs, instance-agent commands/plugins.
  • Category: Enumeration
  • Module Path: modules.core.enumeration.enum_core_compute
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Core Compute resources (instances/images/compute management + instance-agent plugins)

Get/Download Notes

  • --get is supported for compute detail enrichment.
  • --download is supported for instance metadata/cloud-init and instance-agent command artifacts.
  • Default download paths:
    • ./ocinferno_output/<workspace>/downloads/compute/<compartment_id>/...

Supported Flags

Flag(s) Description Details
--cluster-networks Enumerate cluster networks action=store_true
--compute-clusters Enumerate compute clusters action=store_true
--images Enumerate compute images action=store_true
--instance-agent-command-executions Enumerate per-instance execution/status rows (use when you want execution-history artifacts) action=store_true
--instance-agent-commands Enumerate instance-agent commands; with --get/--download also pulls status/output and writes merged per-instance command files action=store_true
--instance-agent-plugins Enumerate compute instance-agent plugin status per instance action=store_true
--instance-configs Enumerate instance configurations action=store_true
--instance-pools Enumerate instance pools action=store_true
--instances Enumerate compute instances action=store_true

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_core_compute --instances --images
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_core_compute --instances --get --download
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_core_compute --instances --instance-agent-commands --instance-agent-command-executions --download

enum_core_network

  • Service Group: Core
  • Example Resources: VCNs, subnets, route tables/security lists, gateways (IGW/NAT/SGW), DRGs/attachments.
  • Category: Enumeration
  • Module Path: modules.core.enumeration.enum_core_network
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Core Networking resources

Get/Download Notes

  • --get is supported for network resource detail enrichment.

Supported Flags

Flag(s) Description Details
--dhcp-options Enumerate DHCP options action=store_true
--drg-attachments Enumerate DRG attachments action=store_true
--drg-id Filter by DRG OCID (used by DRG attachments)
--drgs Enumerate DRGs action=store_true
--internet-gateways Enumerate internet gateways action=store_true
--nat-gateways Enumerate NAT gateways action=store_true
--nsgs Enumerate network security groups action=store_true; dest=network_security_groups
--route-tables Enumerate route tables action=store_true
--security-lists Enumerate security lists action=store_true
--service-gateways Enumerate service gateways action=store_true
--subnets Enumerate subnets action=store_true
--vcn-id Filter by VCN OCID (used by VCN-scoped resources)
--vcns Enumerate VCNs action=store_true

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_core_network --vcns --subnets --route-tables
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_core_network --nsgs --security-lists --internet-gateways --nat-gateways
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_core_network --drgs --drg-attachments --drg-id <drg_ocid> --get

enum_databases

  • Service Group: Databases
  • Example Resources: Database systems/clusters (service-specific), nodes, attached users.
  • Category: Enumeration
  • Module Path: modules.databases.enumeration.enum_databases
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Database resources

Get/Download Notes

  • --get is supported for database resource detail enrichment.

Supported Flags

Flag(s) Description Details
--cache-clusters Enumerate cache-clusters action=store_true
--cache-users Enumerate cache-users action=store_true
--mysql Enumerate mysql action=store_true
--postgres Enumerate postgres action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_databases
# TLDR: Run targeted enumeration.
modules run enum_databases --nodes --users

enum_dataflow

  • Service Group: DataFlow
  • Example Resources: Data Flow applications, runs, logs/work requests (service metadata).
  • Category: Enumeration
  • Module Path: modules.dataflow.enumeration.enum_dataflow
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Data Flow resources

Supported Flags

Flag(s) Description Details
--applications Enumerate Data Flow applications action=store_true
--pools Enumerate Data Flow pools action=store_true
--private-endpoints Enumerate Data Flow private endpoints action=store_true
--runs Enumerate Data Flow runs action=store_true
--sql-endpoints Enumerate Data Flow SQL endpoints action=store_true
--work-requests Enumerate Data Flow work requests action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_dataflow

enum_datascience

  • Service Group: DataScience
  • Example Resources: Data Science projects, notebook sessions, work requests/jobs.
  • Category: Enumeration
  • Module Path: modules.datascience.enumeration.enum_datascience
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Data Science resources

Supported Flags

Flag(s) Description Details
--job-runs Enumerate job runs action=store_true
--jobs Enumerate jobs action=store_true
--ml-applications Enumerate ML applications action=store_true
--model-deployments Enumerate model deployments action=store_true
--model-groups Enumerate model groups action=store_true
--model-version-sets Enumerate model version sets action=store_true
--models Enumerate models action=store_true
--notebook-sessions Enumerate notebook sessions action=store_true
--pipeline-runs Enumerate pipeline runs action=store_true
--pipelines Enumerate pipelines action=store_true
--private-endpoints Enumerate Data Science private endpoints action=store_true
--projects Enumerate projects action=store_true
--schedules Enumerate schedules action=store_true
--work-requests Enumerate work requests action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_datascience

enum_desktops

  • Service Group: Desktops
  • Example Resources: Desktop pools, desktop-related lifecycle metadata.
  • Category: Enumeration
  • Module Path: modules.desktops.enumeration.enum_desktops
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Desktops resources

Supported Flags

Flag(s) Description Details
--desktops Enumerate desktops action=store_true
--pool-desktops Enumerate desktops within pools action=store_true
--pool-ids Desktop pool OCID scope (repeatable, CSV supported) action=append
--pool-volumes Enumerate desktop pool volumes action=store_true
--pools Enumerate desktop pools action=store_true
--work-requests Enumerate desktop service work requests action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_desktops
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_desktops --pool-ids <desktop_pool_ocid>

enum_devops

  • Service Group: DevOps
  • Example Resources: DevOps projects, repositories/connections, build/deploy pipeline metadata.
  • Category: Enumeration
  • Module Path: modules.devops.enumeration.enum_devops
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate DevOps resources

Get/Download Notes

  • --get is supported for project detail enrichment.

Supported Flags

Flag(s) Description Details
--build-pipelines Enumerate build-pipelines action=store_true
--connections Enumerate connections action=store_true
--deploy-pipelines Enumerate deploy-pipelines action=store_true
--project-id Only enumerate deploy pipelines for this DevOps Project OCID
--projects Enumerate projects action=store_true
--repositories Enumerate repositories action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_devops
# TLDR: Run targeted enumeration.
modules run enum_devops --project-id <project_ocid>

enum_dns

  • Service Group: DNS
  • Example Resources: DNS zones, zone records, resolvers/endpoints.
  • Category: Enumeration
  • Module Path: modules.dns.enumeration.enum_dns
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate DNS resources

Get/Download Notes

  • --get is supported for zone detail enrichment.

Supported Flags

Flag(s) Description Details
--private-resolvers Enumerate private-resolvers action=store_true
--zone-records Enumerate zone-records action=store_true
--zones Enumerate zones action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_dns
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_dns --zone-id <zone_ocid>
# TLDR: Run targeted enumeration.
modules run enum_dns --cids <compartment_ocid>

enum_email

  • Service Group: EmailDelivery
  • Example Resources: Email domains, approved senders, DKIM/SPF records, suppressions/return paths.
  • Category: Enumeration
  • Module Path: modules.email.enumeration.enum_email
  • Author: Scott (@WebbinRoot)
  • What It Does: Create SMTP creds and send mail via OCI Email Delivery

Supported Flags

Flag(s) Description Details
--dkims Enumerate DKIM records for domains action=store_true
--domains Enumerate email domains action=store_true
--email-configuration Fetch email configuration (submit endpoints) action=store_true
--return-paths Enumerate email return paths action=store_true
--senders Enumerate email senders action=store_true
--spfs Enumerate SPF records for domains action=store_true
--suppressions Enumerate suppressions action=store_true

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_email --domains --senders
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_email --domains --dkims --spfs --return-paths
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_email --suppressions

enum_filestorage

  • Service Group: FileStorage
  • Example Resources: File systems, mount targets, export sets/exports, snapshots.
  • Category: Enumeration
  • Module Path: modules.filestorage.enumeration.enum_filestorage
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate File Storage resources

Get Notes

  • --get is supported as pass-through enrichment for selected components.

Supported Flags

Flag(s) Description Details
--debug Debug logging action=store_true
--export-set-id Only enumerate exports for this Export Set OCID
--export-sets Enumerate export-sets action=store_true
--exports Enumerate exports action=store_true
--file-system-id Only enumerate snapshots for this File System OCID
--file-systems Enumerate file-systems action=store_true
--limit Limit results (0 = no limit)
--mount-targets Enumerate mount-targets action=store_true
--snapshots Enumerate snapshots action=store_true

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_filestorage --file-systems --mount-targets
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_filestorage --export-sets --exports --snapshots --get

enum_functions

  • Service Group: Functions
  • Example Resources: Functions applications, functions, related invocation metadata.
  • Category: Enumeration
  • Module Path: modules.functions.enumeration.enum_functions
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Functions resources

Supported Flags

Flag(s) Description Details
--app-ids Functions application OCIDs scope (repeatable, comma-separated supported). action=append
--apps Enumerate function applications action=store_true
--functions Enumerate functions action=store_true

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_functions

enum_identity

  • Service Group: IdentityClient
  • Example Resources: Identity domains, users/groups/dynamic groups, IAM policies, app roles, grants, credentials.
  • Category: Enumeration
  • Module Path: modules.identityclient.enumeration.enum_identity
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Identity (IAM + IDD) resources

Get/Download Notes

  • --get is accepted (Reserved) in this module.

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --domains | Enumerate identity domains | action=store_true |
| --iam | Enumerate classic IAM policies | action=store_true |
| --idd-api-keys | Enumerate identity domain API keys | action=store_true |
| --idd-app-roles | Enumerate identity domain app roles | action=store_true |
| --idd-apps | Enumerate identity domain applications | action=store_true |
| --idd-auth-tokens | Enumerate identity domain auth tokens | action=store_true |
| --idd-grants | Enumerate identity domain grants | action=store_true |
| --idd-password-policies | Enumerate identity domain password policies | action=store_true |
| --principals | Enumerate principals | action=store_true |

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_identity --domains
# TLDR: Run targeted enumeration.
modules run enum_identity --users --groups --dynamic-groups --memberships
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_identity --domain-filter Default --idd-only
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_identity --iam-policies --classic-only

enum_iot

  • Service Group: IoT
  • Example Resources: IoT domains, digital twin models, digital twin instances/content.
  • Category: Enumeration
  • Module Path: modules.iot.enumeration.enum_iot
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate IoT resources

Get/Download Notes

  • --get is supported for IoT domain detail enrichment.
  • --download is supported for Digital Twin model/instance artifacts.
  • Default download paths:
    • ./ocinferno_output/<workspace>/downloads/iot/<compartment_id>/...

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --digital-twin-adapters | Enumerate digital-twin-adapters | action=store_true |
| --digital-twin-instances | Enumerate digital-twin-instances | action=store_true |
| --digital-twin-models | Enumerate digital-twin-models | action=store_true |
| --digital-twin-relationships | Enumerate digital-twin-relationships | action=store_true |
| --domain-groups | Enumerate domain-groups | action=store_true |
| --domain-id | Domain ID filter for digital twin resources | |
| --domains | Enumerate domains | action=store_true |

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_iot
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_iot --domain-id <iot_domain_ocid> --download
# TLDR: Run targeted enumeration.
modules run enum_iot --domain-id <iot_domain_ocid>

enum_kubernetes

  • Service Group: Kubernetes
  • Example Resources: OKE clusters, node pools/virtual node pools, optional virtual nodes.
  • Category: Enumeration
  • Module Path: modules.kubernetes.enumeration.enum_kubernetes
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Kubernetes resources

Get/Download Notes

  • --get is supported for cluster detail enrichment.

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --clusters | Enumerate clusters | action=store_true |
| --debug | Debug logging | action=store_true |
| --list-nodes | Also list virtual nodes for virtual node pools | action=store_true |
| --node-pools | Enumerate node-pools | action=store_true |
| --save-nodes | When used with --list-nodes, also save virtual nodes | action=store_true |
| --virtual-node-pools | Enumerate virtual-node-pools | action=store_true |
| --vnp-ids | Virtual node pool OCIDs (repeatable, comma-separated supported). | action=append |

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_kubernetes --clusters
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_kubernetes --clusters --get
# TLDR: Run a targeted scenario using the provided filters/options.
modules run enum_kubernetes --virtual-node-pools --vnp-ids <vnp_ocid_1>,<vnp_ocid_2> --list-nodes

enum_logs

  • Service Group: Logging
  • Example Resources: Log groups, logs, logging configuration metadata.
  • Category: Enumeration
  • Module Path: modules.logging.enumeration.enum_logs
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Logging resources

Get/Download Notes

  • --get is supported for log-group/log detail enrichment.

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --logs | List logs for each log group | action=store_true |

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_logs --logs
# TLDR: Run module with default scope.
modules run enum_logs

enum_managedkafka

  • Service Group: ManagedKafka
  • Example Resources: Managed Kafka clusters, topics/config metadata, service work requests.
  • Category: Enumeration
  • Module Path: modules.managedkafka.enumeration.enum_managedkafka
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Managed Kafka resources

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --cluster-config-ids | Kafka Cluster Config OCIDs scope (repeatable, comma-separated supported). | action=append |
| --cluster-config-versions | Enumerate kafka cluster config versions | action=store_true |
| --cluster-configs | Enumerate kafka cluster configs | action=store_true |
| --cluster-ids | Kafka Cluster OCIDs (repeatable, comma-separated supported). | action=append |
| --clusters | Enumerate kafka clusters | action=store_true |

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_managedkafka

enum_networkfirewall

  • Service Group: NetworkFirewall
  • Example Resources: Network firewall resources, firewall policies/rule stacks, endpoints.
  • Category: Enumeration
  • Module Path: modules.networkfirewall.enumeration.enum_networkfirewall
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Network Firewall resources

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --firewall-id | Get a specific Network Firewall by OCID | |
| --firewalls | Enumerate network firewalls | action=store_true |
| --policies | Enumerate network firewall policies | action=store_true |
| --policy-ids | Network Firewall Policy OCIDs (repeatable, comma-separated supported). | action=append |
| --security-rules | Enumerate network firewall security rules | action=store_true |

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_networkfirewall

enum_notifications

  • Service Group: Notifications
  • Example Resources: Notification topics, subscriptions, protocol endpoint metadata.
  • Category: Enumeration
  • Module Path: modules.notifications.enumeration.enum_notifications
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Notifications resources

Get Notes

  • --get is supported as pass-through enrichment for selected components.

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --subscriptions | Enumerate subscriptions | action=store_true |
| --topic-id | Filter subscriptions to a specific topic OCID | |
| --topics | Enumerate topics | action=store_true |

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_notifications --topics --subscriptions
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_notifications --topics --get

enum_objectstorage

  • Service Group: ObjectStorage
  • Example Resources: Namespaces, buckets, objects/blobs, object metadata/content.
  • Category: Enumeration
  • Module Path: modules.objectstorage.enumeration.enum_objectstorage
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Object Storage resources

Get/Download Notes

  • --get is supported for namespace metadata enrichment (--get-meta also available).
  • --download is supported for matching object content retrieval.
  • Default download paths:
    • ./ocinferno_output/<workspace>/downloads/objectstorage/<compartment_id>/<namespace>/<bucket>/<object_path...>

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --buckets | Enumerate buckets | action=store_true |
| --limit | Limit matching objects per bucket (0 = no limit) | |
| --max-bytes | Only include objects <= this size | |
| --min-bytes | Only include objects >= this size | |
| --name-regex | Only include objects whose name matches this regex | |
| --namespaces | Enumerate namespaces | action=store_true |
| --newer-than | Only include objects created on/after this ISO datetime | |
| --object-buckets | Bucket scope for objects (repeatable, CSV supported) | action=append |
| --object-namespaces | Namespace scope for buckets/objects (repeatable, CSV supported) | action=append |
| --objects | Enumerate objects | action=store_true |
| --older-than | Only include objects created on/before this ISO datetime | |
| --prefix | Only include objects whose name starts with this prefix | |
| --sse-c-key-b64 | Base64-encoded AES-256 key for SSE-C objects | |
| --threads | Download thread count (reserved) | default=8 |

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_objectstorage --namespaces --buckets
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_objectstorage --namespaces --buckets --prefix logs/ --download --threads 8
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_objectstorage --name-regex '.*\.zip$' --max-bytes 50000000 --download
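
How the object filters listed above could combine, as an added example that is not OCInferno's own code. It assumes every supplied filter must pass (logical AND), that --name-regex is applied with Python's re.search, and that --limit counts matches per bucket; select_objects is a hypothetical helper and the object listing is constructed.

```python
import re
from datetime import datetime, timezone

# Constructed listing for one bucket: (name, size in bytes, time created).
OBJECTS = [
    ("logs/2026-03-01.zip", 4_000_000, "2026-03-01T00:00:00+00:00"),
    ("logs/2026-03-02.zip", 60_000_000, "2026-03-02T00:00:00+00:00"),
    ("logs/readme.txt", 120, "2026-03-02T08:30:00+00:00"),
    ("backups/db.zip", 9_000_000, "2026-01-15T12:00:00+00:00"),
    ("backups/dbzip", 10, "2026-01-15T12:00:00+00:00"),
]


def _ts(value):
    """Parse an ISO datetime; naive values are treated as UTC (assumption)."""
    parsed = datetime.fromisoformat(value)
    return parsed if parsed.tzinfo else parsed.replace(tzinfo=timezone.utc)


def select_objects(objects, prefix=None, name_regex=None, min_bytes=None,
                   max_bytes=None, newer_than=None, older_than=None, limit=0):
    """Return names passing every supplied filter (filters are ANDed)."""
    pattern = re.compile(name_regex) if name_regex else None
    matched = []
    for name, size, created in objects:
        if prefix and not name.startswith(prefix):
            continue
        if pattern and not pattern.search(name):
            continue
        if min_bytes is not None and size < min_bytes:
            continue
        if max_bytes is not None and size > max_bytes:
            continue
        if newer_than and _ts(created) < _ts(newer_than):
            continue
        if older_than and _ts(created) > _ts(older_than):
            continue
        matched.append(name)
        if limit and len(matched) >= limit:  # 0 means no limit
            break
    return matched


if __name__ == "__main__":
    print(select_objects(OBJECTS, name_regex=r".*\.zip$", max_bytes=50_000_000))
    # A doubled backslash demands a literal "\" in the name, so nothing matches.
    print(select_objects(OBJECTS, name_regex=r".*\\.zip$"))
```

The second call shows why the regex escape matters: a pattern that reaches the matcher as `.*\\.zip$` silently selects nothing, so a scoped run can look clean when the filter was simply wrong.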

enum_resource_schedules

  • Service Group: ResourceScheduler
  • Example Resources: Resource Scheduler schedules, schedule state/details.
  • Category: Enumeration
  • Module Path: modules.resourcescheduler.enumeration.enum_resource_schedules
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate OCI Resource Scheduler schedules

Get/Download Notes

  • --get is supported for schedule detail enrichment.

Supported Flags

  • No module-specific flags discovered from parser definitions.

Example Module Commands

# TLDR: Run module with default scope.
modules run enum_resource_schedules
# TLDR: Enumerate with GET/detail enrichment where supported.
modules run enum_resource_schedules --get

enum_resourcemanager

  • Service Group: ResourceManager
  • Example Resources: Resource Manager stacks, jobs/runs, templates, job artifacts.
  • Category: Enumeration
  • Module Path: modules.resourcemanager.enumeration.enum_resourcemanager
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Resource Manager resources

Get/Download Notes

  • --get is supported for stack detail enrichment.
  • --download is supported for stack/job/template artifact retrieval.
  • Default download paths:
    • ./ocinferno_output/<workspace>/downloads/resource-manager/<compartment_id>/...

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --config-source-providers | Enumerate config-source-providers | action=store_true |
| --jobs | Enumerate jobs | action=store_true |
| --private-endpoints | Enumerate private-endpoints | action=store_true |
| --stacks | Enumerate stacks | action=store_true |
| --template-category-id | Filter templates by template category | |
| --template-id | Get a specific template by OCID | |
| --templates | Enumerate templates | action=store_true |

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_resourcemanager --stacks
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_resourcemanager --stacks --get --download vars tfconfig
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_resourcemanager --jobs --stack-id <stack_ocid> --outputs --download outputs logs tf-plan
# TLDR: Enumerate and download supported artifacts/content for this module.
modules run enum_resourcemanager --templates --template-category-id 0 --download

enum_tagging

  • Service Group: Tagging
  • Example Resources: Tag namespaces, tag definitions, tag defaults.
  • Category: Enumeration
  • Module Path: modules.tagging.enumeration.enum_tagging
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Tagging resources

Notes

  • enum_tagging does not expose --get or --download.

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --defaults | Enumerate defaults | action=store_true |
| --definitions | Enumerate tag definitions | action=store_true |
| --include-subcompartments | Include subcompartments | action=store_true |
| --namespaces | Enumerate namespaces | action=store_true |

Example Module Commands

# TLDR: Run targeted enumeration.
modules run enum_tagging --namespaces --definitions --defaults
# TLDR: Include subcompartments in tagging enumeration.
modules run enum_tagging --definitions --include-subcompartments

enum_vault

  • Service Group: Vault
  • Example Resources: Vaults, keys/key versions, secrets/secret versions, dumped secret values.
  • Category: Enumeration
  • Module Path: modules.vault.enumeration.enum_vault
  • Author: Scott (@WebbinRoot)
  • What It Does: Enumerate Vault resources

Get/Download Notes

  • --download triggers secret-value dumping behavior (same effect as --dump).
  • Use --get-requests for secret-version GET calls.
  • Default download paths:
    • ./ocinferno_output/<workspace>/downloads/vault/<vault_id>/...

Supported Flags

| Flag(s) | Description | Details |
| --- | --- | --- |
| --dump | Dump secret plaintext to disk (never printed) | action=store_true |
| --dump-all-versions | Force dump of all versions | action=store_true |
| --get-requests | Also GET each secret version | action=store_true |
| --key-id | Key OCID scope (repeatable). | action=append |
| --key-versions | Enumerate key versions | action=store_true |
| --keys | Enumerate keys | action=store_true |
| --persist-manual-ids | Persist minimal manual IDs when provided | action=store_true |
| --secret-id | Secret OCID scope (repeatable). | action=append |
| --secret-name | Dump-by-name flow (requires exactly one vault_id) | |
| --secret-version-name | Secret version name label for retrieval | |
| --secrets | Enumerate secrets | action=store_true |
| --stage | Secret stage for retrieval (e.g., CURRENT) | |
| --vault-endpoint | Vault management endpoint for manual --vault-id | |
| --vault-id | Vault OCID scope (repeatable). | action=append |
| --vaults | Enumerate vaults | action=store_true |
| --version-number | Secret version number for retrieval (int) | |
| --version-range | Version range list for retrieval, e.g. 1-5 or 1,3,5-7 | |
| --versions | List secret versions | action=store_true |
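
Because --dump and --download write secret plaintext under the vault download path, a post-run permission check on that directory is worth having. The following is an added example, not part of OCInferno: it assumes a POSIX filesystem, and audit_dump_tree, lock_down and the placeholder directory and file names are hypothetical.

```python
import os
import stat
import tempfile


def audit_dump_tree(root):
    """Return sorted (relative_path, problem) pairs for anything under root
    that group/other can access, plus symlinks (which could redirect writes)."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        entries = [dirpath] if dirpath == root else []
        entries += [os.path.join(dirpath, n) for n in dirnames + filenames]
        for path in entries:
            info = os.lstat(path)
            rel = os.path.relpath(path, root)
            if stat.S_ISLNK(info.st_mode):
                findings.append((rel, "symlink"))
            elif info.st_mode & 0o077:
                findings.append((rel, "mode %03o" % stat.S_IMODE(info.st_mode)))
    return sorted(findings)


def lock_down(root):
    """Restrict directories to 0700 and regular files to 0600 (owner only)."""
    for dirpath, _dirnames, filenames in os.walk(root):
        os.chmod(dirpath, 0o700)
        for name in filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                os.chmod(path, 0o600)


def demo():
    """Build a constructed dump tree, audit it, lock it down, audit again."""
    with tempfile.TemporaryDirectory() as root:
        vault_dir = os.path.join(root, "vault_id_placeholder")
        os.mkdir(vault_dir)
        os.chmod(vault_dir, 0o755)  # set explicitly; mkdir's mode is umask-masked
        secret = os.path.join(vault_dir, "secret_placeholder.txt")
        with open(secret, "w") as handle:
            handle.write("constructed-not-a-real-secret\n")
        os.chmod(secret, 0o644)
        before = audit_dump_tree(root)
        lock_down(root)
        return before, audit_dump_tree(root)


if __name__ == "__main__":
    print(demo())
```

Point audit_dump_tree at ./ocinferno_output/<workspace>/downloads/vault after an engagement, and remove the dumped files once they are no longer needed.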
