Cloud Penetration Testing

PACU

Pacu is an open-source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current modules enable a range of attacks, including user privilege escalation, backdooring of IAM users, attacking vulnerable Lambda functions, and much more.

python3 pacu.py
set_keys

Enumerate IAM entities using the iam__enum_users_roles_policies_groups module.

CloudEnum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

https://github.com/initstring/cloud_enum

Tools

actions2aws: Assume AWS IAM roles from GitHub Actions workflows with no stored secrets.
rpCheckup: An AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
policy-compliance-scan: A GitHub action that scans Azure resources for policy violations.
iamlive: Generate basic AWS IAM policies using client-side monitoring of calls made from the AWS CLI or SDKs.
iam-role-enumeration: Another way to enumerate AWS IAM users/roles without being authenticated to the victim account.
cloudlist: A tool for listing assets (hostnames, IP addresses) from multiple cloud providers.
kctf: kCTF is a Kubernetes-based infrastructure for CTF competitions.
