CtrlK
BlogDocsLog inGet started
Tessl Logo

aws-penetration-testing

This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalation", "S3 bucket testing...

Install with Tessl CLI

npx tessl i github:boisenoise/skills-collections --skill aws-penetration-testing
What are skills?

77

Quality

72%

Does it follow best practices?

Impact

Pending

No eval scenarios have been run

Optimize this skill with Tessl

npx tessl skill review --optimize ./skills/antigravity-aws-penetration-testing/SKILL.md
SKILL.md
Review
Evals

Evaluation results

87%

-8%

AWS Security Assessment Automation Script

IAM enumeration workflow and tool selection

Criteria
Without context
With context

Identity check first

100%

100%

enumerate-iam integration

100%

100%

Principal Mapper usage

100%

100%

Pacu over Kali tools

100%

0%

List users command

100%

100%

List roles command

100%

100%

Attached policies enumeration

100%

100%

Inline policies enumeration

100%

100%

Policy version detail

100%

100%

Audit log to file

100%

100%

Authorization header comment

100%

100%

Cleanup reference

100%

100%

Groups for user

100%

100%

Cloudsplaining or cloudmapper

0%

0%

Without context: $0.2954 · 1m 48s · 12 turns · 17 in / 6,677 out tokens

With context: $0.5948 · 2m 21s · 20 turns · 5,456 in / 7,716 out tokens

100%

EC2 Metadata Service Credential Exposure — Technical Assessment Guide

SSRF metadata endpoint exploitation methodology

Criteria
Without context
With context

IMDSv2 check first

100%

100%

IMDSv1 endpoint

100%

100%

IMDSv2 PUT token request

100%

100%

IMDSv2 TTL header

100%

100%

IMDSv2 token usage header

100%

100%

IAM role credential path

100%

100%

Fargate environment variable

100%

100%

Fargate credential endpoint

100%

100%

Credential fields

100%

100%

Configure CLI with stolen creds

100%

100%

Verify access step

100%

100%

Without context: $0.3084 · 2m 10s · 11 turns · 18 in / 6,553 out tokens

With context: $0.5223 · 3m 9s · 18 turns · 23 in / 8,617 out tokens

100%

34%

IAM Privilege Escalation Risk Assessment

Shadow admin privilege escalation analysis

Criteria
Without context
With context

iam:CreateAccessKey listed

100%

100%

iam:AttachUserPolicy listed

100%

100%

iam:PutUserPolicy listed

100%

100%

iam:AddUserToGroup listed

100%

100%

iam:PassRole + ec2:RunInstances combo

100%

100%

lambda:UpdateFunctionCode listed

100%

100%

iam:CreateLoginProfile listed

100%

100%

Lambda injection code uses boto3

0%

100%

Lambda update-function-code command

0%

100%

AdministratorAccess ARN correct

100%

100%

SkyArk recommended

0%

100%

Principal Mapper recommended

0%

100%

Cleanup step included

100%

100%

create-access-key CLI command

100%

100%

Without context: $0.2956 · 2m 14s · 8 turns · 13 in / 6,959 out tokens

With context: $0.4441 · 2m 31s · 15 turns · 151 in / 7,456 out tokens

Evaluated
Agent
Claude Code
Model
Claude Sonnet 4.6

Table of Contents

AWS Security Assessment Automation ScriptEC2 Metadata Service Credential Exposure — Technical Assessment GuideIAM Privilege Escalation Risk Assessment

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.

Claim skill