Pacu is one exploitation open source framework for AWS, designed for security testing in a cloud environment.
Created by Rhino Security Labs, it allows pentesters to exploit exploit configuration flaws in an AWS account, using modules for ease of use.
Its current modules allow a range attacks, such as privilege escalation, backdooring by IAM users, attacks in vulnerable Lambda functions and more.
Basic features
- Complete security-testing toolcase for AWS, backed by a leading cyber security company.
- Wide range of powerful scanning and exploitation capabilities offered by 36 units (and counting) * and can be connected together.
- It is open source where allows for easy control and improvement of its community
Installation
git clone https://github.com/RhinoSecurityLabs/pacu
> cd pacu
> bash install.sh
> python3 pacu.py
More information about the program, you will find here.