pacu

Pacu is an open-source AWS exploitation framework built for penetration testers and red teamers. It provides modular tooling to enumerate, manipulate, and escalate within AWS environments by leveraging misconfigurations and overly permissive IAM policies. Imagine it like the cloud's Metasploit.

# Import an AWS profile from the get-go
pacu --import-keys iam_enum

# Import an AWS profile within pacu
Pacu (iam_enum:No Keys Set) > import_keys iam_enum

# Check user's details
Pacu (iam_enum:imported-iam_enum) > whoami

# Search for specific modules
Pacu (iam_enum:imported-iam_enum) > search iam

# Find more about the target module
Pacu (iam_enum:imported-iam_enum) > help  iam__enum_users_roles_policies_groups

# List all IAM-related data found
Pacu (cybr:imported-iam_enum) > data iam

Common modules:

# Enumerate the current's user permissions
Pacu (cybr:imported-iam_enum) > run iam__enum_permissions

# Enumerate the current's user permissions via a BFA
Pacu (ec2_ssrf:imported-ec2_ssrf_1) > run iam__bruteforce_permissions --region us-east-1

# Enumerate everything
Pacu (iam_enum:imported-iam_enum) > run iam__enum_users_roles_policies_groups

Previousaws NextExternal Platforms

Last updated 5 months ago