Getting Started

Getting Started

OCI Concepts in 5 Minutes

• Tenancy: top-level OCI account boundary; can think of it like a compartment with a different ID at the root level.
• Compartment: logical scope boundary for resources and IAM policy.
• Principal: identity making API calls (user, group, dynamic group, service principal).
• Region / AD: physical location context for resources and APIs.
• OCID: globally unique OCI resource identifier.

What OCInferno Does

• Authenticates as a selected OCI principal.
• Enumerates OCI services into workspace-backed SQLite tables (enum_all to enumerate all at once).
• Supports deeper detail pulls (--get) and artifact collection (--download).
• Review data in the SQLITE tables or via something like data export excel. Use data export treeimage to get an image of the compartment hierarhcy.
• Runs config finding checks (enum_config_check) over collected data.
• Exports OpenGraph JSON for BloodHound path analysis (enum_oracle_cloud_hound_data.py).

Prerequisites

1. Python 3.10+
2. OCI credentials (API key, security token, instance principal, or resource principal)
3. Explicit authorization to test the target OCI environment

Install and Launch

Install from PIP (https://pypi.org/project/ocinferno/)

virtualenv .venv
source .venv/bin/activate
pip install ocinferno
ocinferno

Install from source checkout:

git clone https://github.com/NetSPI/OCInferno.git
virtualenv .venv
source .venv/bin/activate
pip install -r requirements.txt

Module-entrypoint equivalent:

python -m ocinferno

Proxy behavior summary:

• Main tool launch supports --auth-proxy which applies only to startup auth exchange flows and probably is N/A in most cases.
• All other proxy configuratons can be set with --proxy flag per module or setting a proxy in configs to set a workspace config proxy.

First Interactive Session

1. Add or select credentials at startup.
2. Verify compartment visibility:

modules run enum_comp --save

3. Run full baseline collection:

modules run enum_all --download --get --comp --opengraph

4. Export quick review output:

data export excel

Default Excel path:

• ./ocinferno_output/<workspace_id>_<workspace_name>/exports/sqlite_excel/sqlite_blob.xlsx

Example day-one export:

5. Generate a OpenGraph JSON file given the info enumerated. Import this into Bloodhound (see installation instructions) to see a graph output

Where To Go Next

• Auth mode details: Authentication Reference
• Workspace menu options (configs/proxies/cred swapping/etc.): Workspace Instructions
• Module flags and service coverage: CLI Module Reference
• High-value download workflows: Downloads to Disk
• Data querying and exports: Data View/Export
• Graph semantics: OpenGraph - Node/Edge Tables
• Default priv-esc path reference: OpenGraph - Default Priv Escalation Mode
• IAM conditional behavior: OpenGraph - IAM Conditionals
• Inheritance/include-all behavior: OpenGraph - Inheritance & IncludeAll
• Static config findings reference: ConfigChecker - Static Config Checks