Pacu
Advanced
AWS exploitation framework for penetration testing
https://github.com/RhinoSecurityLabs/pacuInstallation
# Clone repository
git clone https://github.com/RhinoSecurityLabs/pacu.git
cd pacu
pip3 install -r requirements.txt
# Install Pacu
python3 install.pyUsage
Basic Usage
# Start Pacu
python3 pacu.py
# Create new session
Pacu (no session) > new_session session_name
# Set AWS keys
Pacu (session_name) > set_keys
# List available modules
Pacu (session_name) > list
# Search for modules
Pacu (session_name) > search s3
# Run a module
Pacu (session_name) > run module_nameCommon Modules
# AWS account enumeration
run iam__enum_users_roles_policies_groups
# S3 bucket enumeration
run s3__bucket_finder
# EC2 enumeration
run ec2__enum
# Lambda enumeration
run lambda__enum
# RDS enumeration
run rds__enum
# CloudTrail enumeration
run cloudtrail__download_event_history
# IAM privilege escalation
run iam__privesc_scanSession Management
# List sessions
list_sessions
# Switch session
swap_session session_name
# Export session data
export_keys
# Import session data
import_keys