AWS Penetration Testing
This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalation", "S3 bucket testing", "metadata SSRF", "Lambda exploitation", or needs guidance on Amazon Web Services security assessment.
Overall
score
18%
Does it follow best practices?
If you maintain this skill, you can automatically optimize it using the tessl CLI to improve its score:
npx tessl skill review --optimize ./path/to/skillValidation for skill structure
AWS Penetration Testing
Purpose
Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.
Inputs/Prerequisites
- AWS CLI configured with credentials
- Valid AWS credentials (even low-privilege)
- Understanding of AWS IAM model
- Python 3, boto3 library
- Tools: Pacu, Prowler, ScoutSuite, SkyArk
Outputs/Deliverables
- IAM privilege escalation paths
- Extracted credentials and secrets
- Compromised EC2/Lambda/S3 resources
- Persistence mechanisms
- Security audit findings
Essential Tools
| Tool | Purpose | Installation |
|---|---|---|
| Pacu | AWS exploitation framework | git clone https://github.com/RhinoSecurityLabs/pacu |
| SkyArk | Shadow Admin discovery | Import-Module .\SkyArk.ps1 |
| Prowler | Security auditing | pip install prowler |
| ScoutSuite | Multi-cloud auditing | pip install scoutsuite |
| enumerate-iam | Permission enumeration | git clone https://github.com/andresriancho/enumerate-iam |
| Principal Mapper | IAM analysis | pip install principalmapper |
Core Workflow
🧠 Knowledge Modules (Fractal Skills)
1. Step 1: Initial Enumeration
2. Step 2: IAM Enumeration
3. Step 3: Metadata SSRF (EC2)
4. Shadow Admin Permissions
5. Create Access Key for Another User
6. Attach Admin Policy
7. Add Inline Admin Policy
8. Lambda Privilege Escalation
9. Bucket Discovery
10. Bucket Enumeration
11. Public Bucket Search
12. Mount EBS Volume
13. Shadow Copy Attack (Windows DC)
14. Disable CloudTrail
15. Example 1: SSRF to Admin
- Repository
- github.com/Dokhacgiakhoa/antigravity-ide
- Last updated
- Created
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.