AWS Penetration Testing

Purpose

Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.

Inputs/Prerequisites

AWS CLI configured with credentials
Valid AWS credentials (even low-privilege)
Understanding of AWS IAM model
Python 3, boto3 library
Tools: Pacu, Prowler, ScoutSuite, SkyArk

Outputs/Deliverables

IAM privilege escalation paths
Extracted credentials and secrets
Compromised EC2/Lambda/S3 resources
Persistence mechanisms
Security audit findings

Essential Tools

Tool	Purpose	Installation
Pacu	AWS exploitation framework	`git clone https://github.com/RhinoSecurityLabs/pacu`
SkyArk	Shadow Admin discovery	`Import-Module .\SkyArk.ps1`
Prowler	Security auditing	`pip install prowler`
ScoutSuite	Multi-cloud auditing	`pip install scoutsuite`
enumerate-iam	Permission enumeration	`git clone https://github.com/andresriancho/enumerate-iam`
Principal Mapper	IAM analysis	`pip install principalmapper`

Core Workflow

🧠 Knowledge Modules (Fractal Skills)

1. Step 1: Initial Enumeration

AWS Penetration Testing

AWS Penetration Testing

Purpose

Inputs/Prerequisites

Outputs/Deliverables

Essential Tools

Core Workflow

🧠 Knowledge Modules (Fractal Skills)

1. Step 1: Initial Enumeration

2. Step 2: IAM Enumeration

3. Step 3: Metadata SSRF (EC2)

4. Shadow Admin Permissions

5. Create Access Key for Another User

6. Attach Admin Policy

7. Add Inline Admin Policy

8. Lambda Privilege Escalation

9. Bucket Discovery

10. Bucket Enumeration

11. Public Bucket Search

12. Mount EBS Volume

13. Shadow Copy Attack (Windows DC)

14. Disable CloudTrail

15. Example 1: SSRF to Admin

More from dokhacgiakhoa/antigravity-ide

ui-ux-pro-max-skill

notion-mcp

filesystem-mcp

puppeteer-mcp

postgres-mcp

penetration-tester-master