Cloud Pen-testing Part -4

## Other AWS Tools

### WeirdAAL
https://github.com/carnal0wnage/weirdAAL

Run recon against all AWS services to enumerate access for a set of keys

```shell
python3 weirdAAL.py -m recon_all -t <name>

Pacu

AWS exploitation framework https://github.com/RhinoSecurityLabs/pacu

Install Pacu

sudo apt-get install python3-pip
git clone https://github.com/RhinoSecurityLabs/pacu
cd pacu
sudo bash install.sh

Import AWS keys for a specific profile

import_keys <profile name>

Detect if keys are honey token keys

run iam__detect_honeytokens

Enumerate account information and permissions

run iam__enum_users_roles_policies_groups
run iam__enum_permissions
whoami

Check for privilege escalation

run iam__privesc_scan

Google Cloud Platform CLI Tool Cheatsheet

Authentication

Authentication with gcloud

# User identity login
gcloud auth login

# Service account login
gcloud auth activate-service-account --key-file creds.json

List accounts available to gcloud

gcloud auth list

Account Information

Get account information

gcloud config list

List organizations

gcloud organizations list

Enumerate IAM policies set ORG-wide

gcloud organizations get-iam-policy <org ID>

Enumerate IAM policies set per project

gcloud projects get-iam-policy <project ID>

List projects

gcloud projects list

Set a different project

gcloud config set project <project name>

Gives a list of all APIs that are enabled in the project

gcloud services list

Get source code repos available to the user

gcloud source repos list

Clone repo to home dir

gcloud source repos clone <repo_name>

PreviousCloud Pen-testing Part -3 NextCloud Pen-testing Part -5

Last updated 2 years ago

Was this helpful?