Tools

Some tools that you can use during your penetration test on AWS.

ScoutSuite

Pacu

Pmapper

Commands

Copy your environment credentials and run these commands:

export AWS_ACCESS_KEY_ID="zzzzzzzzz"
export AWS_SECRET_ACCESS_KEY="zzzzzzz"
export AWS_SESSION_TOKEN="zzzzzzzz"

This command will collect information from your

pmapper graph create

List embedded queries

pmapper query list

Learn privilege escalation paths

pmapper --account "it_will_give_you_after_first_command" query -s 'preset privesc *'

Find out which principals can create users (iam:CreateUser).

pmapper query 'who can do iam:CreateUser'
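To review the kind of question the query above asks, the following added example (not PMapper's code and not part of the original page) checks which principals in a set of identity policies are allowed a given action, with an explicit Deny overriding any Allow. The principal names and policies are constructed sample data, and the check assumes every statement applies to all resources and ignores NotAction, Condition, permission boundaries and SCPs.

```python
import re

# Constructed sample data: principal -> attached identity policy documents.
SAMPLE_PRINCIPALS = {
    "user/alice": [{"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "iam:*", "Resource": "*"}]}],
    "user/bob": [{"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["iam:Create*", "s3:GetObject"], "Resource": "*"},
        {"Effect": "Deny", "Action": "iam:CreateUser", "Resource": "*"}]}],
    "role/ci": [{"Version": "2012-10-17", "Statement": {
        "Effect": "Allow", "Action": "s3:*", "Resource": "*"}}],
    "role/helpdesk": [{"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "IAM:createuser", "Resource": "*"}]}],
}


def _as_list(value):
    """IAM allows a single item or a list for Statement and Action."""
    return value if isinstance(value, list) else [value]


def _matches(patterns, action):
    """Case-insensitive match where * and ? in the policy are wildcards."""
    for pattern in _as_list(patterns):
        regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
        if re.fullmatch(regex, action, re.IGNORECASE):
            return True
    return False


def who_can_do(principals, action):
    """Return principals with an Allow for action and no matching Deny."""
    result = []
    for name, policies in principals.items():
        effects = set()
        for doc in policies:
            for stmt in _as_list(doc.get("Statement", [])):
                # Assumption: NotAction, Resource and Condition are ignored.
                if "Action" in stmt and _matches(stmt["Action"], action):
                    effects.add(stmt.get("Effect"))
        if "Allow" in effects and "Deny" not in effects:
            result.append(name)
    return sorted(result)


if __name__ == "__main__":
    for principal in who_can_do(SAMPLE_PRINCIPALS, "iam:CreateUser"):
        print(principal, "can do iam:CreateUser")
```

Wildcard grants such as iam:* or iam:Create* are the ones most often missed when a policy is searched only for the literal action name.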

Some references:

https://github.com/toniblyx/my-arsenal-of-aws-security-tools
