Pacu is a command-line Python-based exploitation framework for AWS.
Pacu can be used on Amazon S3 buckets, EC2, Lambda functions, and more.
Installation
sudo apt install pacuHelp
pacu -hUsage
You first need to set access keys.
pacuSet AWS access keys
set_keys <key?>List all modules
listEnumeration of AWS IAM users and roles
Like group memberships and permissions levels.
run iam__enum_permissions --all-users --all-rolesEnumerate all resources in current user account
run aws__enum_accountLambda function enumeration
Can find credentials or license keys in environment variables within functions. You can copy/paste the “Location URL” in a browser to download the function code and analyze using Bandit.
run lambda__enumPrivilege Escalation
Scan IAM users or roles that have an available path for privilege escalation
run iam__privesc_scan --offlineExecute privilege escalation with the current user
run iam__privesc_scan