AWS Penetration Testing
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill provides numerous commands for invasive operations.
- Specifically, it uses
aws ssm send-commandto execute arbitrary shell scripts on remote EC2 instances. - It details the use of
aws lambda update-function-codeto overwrite existing function logic with custom code. - DATA_EXFILTRATION (HIGH): The skill contains explicit procedures for extracting sensitive information:
- Techniques for SSRF to the EC2 Metadata Service (IMDSv1/v2) to extract temporary IAM credentials.
- Instructions for cloning and mounting EBS volumes to steal sensitive files such as Active Directory databases (
ntds.dit). - Commands for recursive S3 bucket downloads (
aws s3 sync). - REMOTE_CODE_EXECUTION (HIGH): The skill provides a functional Python script (
code.py) designed to be injected into an AWS Lambda function to grant the attacker 'AdministratorAccess'. This pattern of generating and deploying malicious payloads constitutes a high-risk RCE vector. - EXTERNAL_DOWNLOADS (MEDIUM): The skill automates the installation of an offensive toolkit from several GitHub repositories (
RhinoSecurityLabs/pacu,andresriancho/enumerate-iam,NetSPI/aws_consoler). Although these are known security tools, the automated acquisition of an attack arsenal increases the skill's risk profile. - PERSISTENCE & STEALTH (HIGH): A dedicated section 'Covering Tracks' provides commands to delete or disable AWS CloudTrail logs (
aws cloudtrail delete-trail), which is a primary indicator of malicious intent rather than a defensive audit.
Recommendations
- AI detected serious security threats
Audit Metadata