AWS 침투 테스트
원문: AWS Penetration Testing
This skill should be used when the user asks to "pentest AWS", "test AWS security", "enumerate IAM", "exploit cloud infrastructure", "AWS privilege escalation", "S3 bucket testing", "metadata SSRF", "Lambda exploitation", or needs guidance on Amazon Web Services security assessme
무엇을 하나요
AWS Penetration Testing Purpose Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations. Inputs/Prerequisites AWS CLI configured with credentials Valid AWS credentials (even low privilege) Understanding of AWS IAM model Python 3, boto3 library Tools: Pacu, Prowler, ScoutSuite, SkyArk Outputs/Deliverables IAM privilege escalation paths Extracted credentials and secrets Compromised EC2/Lambda/S3 resources Persistence mechanisms Security audit findings Essential Tools | Tool | Purpose | Installation |…
실행 시 본인 API 키(BYOK)로 동작하며, 모델 비용은 사용자 계정에서 직접 결제됩니다.