Pacu

Pacu is a command-line Python-based exploitation framework for AWS.

Pacu can be used on Amazon S3 buckets, EC2, Lambda functions, and more.

Installation

sudo apt install pacu

Help

pacu -h

Usage

Start Pacu; before running modules you first need to set access keys.

pacu

Set AWS access keys

set_keys <key?>

List all modules

list

Enumeration of AWS IAM users and roles

This includes details such as group memberships and permission levels.

run iam__enum_permissions --all-users --all-roles

Enumerate all resources in current user account

run aws__enum_account

Lambda function enumeration

This module can find credentials or license keys stored in environment variables within functions. You can copy and paste the “Location URL” into a browser to download the function code and analyze it with Bandit.

run lambda__enum
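
An added example (not from the original page or from the Pacu project): a defender-side audit of the same data, flagging Lambda environment variables that look like secrets so they can be moved out of function configuration. The sample input, the function name audit_lambda_env and the regex heuristics are assumptions constructed for illustration.

```python
import json
import re

# Constructed sample shaped like the "Functions" list returned by
# `aws lambda list-functions`; names and values are made up for illustration.
SAMPLE = json.loads("""
{"Functions": [
  {"FunctionName": "billing-export",
   "Environment": {"Variables": {"DB_PASSWORD": "hunter2-example",
                                 "LOG_LEVEL": "info"}}},
  {"FunctionName": "thumbnailer",
   "Environment": {"Variables": {"UPSTREAM": "AKIAIOSFODNN7EXAMPLE",
                                 "REGION": "eu-west-1"}}},
  {"FunctionName": "healthcheck"}
]}
""")

# Heuristics (assumptions; tune them for your environment).
SUSPECT_NAME = re.compile(
    r"(pass(word)?|secret|token|api_?key|licen[cs]e|credential)", re.I)
ACCESS_KEY_ID = re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{16}\b")


def audit_lambda_env(functions):
    """Return sorted (function, variable, reason) findings.

    Variable values are inspected but never echoed into the findings.
    """
    findings = []
    for fn in functions:
        # Functions without environment variables omit the "Environment" key.
        variables = (fn.get("Environment") or {}).get("Variables") or {}
        for name, value in variables.items():
            if ACCESS_KEY_ID.search(str(value)):
                reason = "value looks like an AWS access key ID"
            elif SUSPECT_NAME.search(name):
                reason = "name suggests a secret"
            else:
                continue
            findings.append((fn["FunctionName"], name, reason))
    return sorted(findings)


if __name__ == "__main__":
    for function, variable, reason in audit_lambda_env(SAMPLE["Functions"]):
        print(f"{function}: {variable}: {reason}")
```
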

Privilege Escalation

Scan for IAM users or roles that have an available path for privilege escalation

run iam__privesc_scan --offline

Execute privilege escalation with the current user

run iam__privesc_scan