skills/dokhacgiakhoa/antigravity-ide/AWS Penetration Testing

AWS Penetration Testing

Purpose

Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.

Inputs/Prerequisites

  • AWS CLI configured with credentials
  • Valid AWS credentials (even low-privilege)
  • Understanding of AWS IAM model
  • Python 3, boto3 library
  • Tools: Pacu, Prowler, ScoutSuite, SkyArk

Outputs/Deliverables

  • IAM privilege escalation paths
  • Extracted credentials and secrets
  • Compromised EC2/Lambda/S3 resources
  • Persistence mechanisms
  • Security audit findings

Essential Tools

| Tool | Purpose | Installation |
|------|---------|--------------|
| Pacu | AWS exploitation framework | git clone https://github.com/RhinoSecurityLabs/pacu |
| SkyArk | Shadow Admin discovery | Import-Module .\SkyArk.ps1 |
| Prowler | Security auditing | pip install prowler |
| ScoutSuite | Multi-cloud auditing | pip install scoutsuite |
| enumerate-iam | Permission enumeration | git clone https://github.com/andresriancho/enumerate-iam |
| Principal Mapper | IAM analysis | pip install principalmapper |

Core Workflow

🧠 Knowledge Modules (Fractal Skills)

1. Step 1: Initial Enumeration

2. Step 2: IAM Enumeration

3. Step 3: Metadata SSRF (EC2)

4. Shadow Admin Permissions

5. Create Access Key for Another User

6. Attach Admin Policy

7. Add Inline Admin Policy

8. Lambda Privilege Escalation

9. Bucket Discovery

10. Bucket Enumeration

11. Public Bucket Search

12. Mount EBS Volume

13. Shadow Copy Attack (Windows DC)

14. Disable CloudTrail

15. Example 1: SSRF to Admin
