pacu v1.5 releases: AWS penetration testing toolkit
Pacu
Pacu is an open-source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current modules enable a range of attacks, including user privilege escalation, backdooring of IAM users, attacking vulnerable Lambda functions, and much more.
Key Features
- Comprehensive AWS security-testing toolkit, supported by a leading cybersecurity firm.
- Wide range of powerful scanning and exploitation capabilities offered by 36 modules (and counting), which can be chained together.
- Open-source and modular structure allows easy auditing and community-driven improvement.
Pacu’s Modular Power
Pacu uses a range of plug-in modules to assist an attacker with enumeration, privilege escalation, data exfiltration, service exploitation, and log manipulation within AWS environments. At present, Pacu has 36 modules for executing AWS attacks, but we’ll be working hard to add more modules in the future, and suggestions for new modules (or even contributions of whole completed modules) are welcome.
In order to keep pace with ongoing AWS product developments, we’ve designed Pacu from the ground up with extensibility in mind. A common syntax and data structure keep modules easy to build and expand on, with no need to specify AWS regions or make redundant permission checks between modules. A local SQLite database is used to manage and manipulate retrieved data, minimizing API calls (and associated logs). Reporting and attack auditing are also built into the framework; Pacu assists the documentation process through command logging and exporting, helping build a timeline for the testing process.
We’ll be working on improving Pacu’s core capabilities and building out a well-documented ecosystem so that cybersecurity researchers and developers can make new modules quickly and easily.
Changelog v1.5
- Clean up README by @DaveYesland in #382
- fix #329 key error issue with iam__privesc_scan by @DaveYesland in #386
- Fix #359 #215 update region updating/handling and remove region filters by @DaveYesland in #379
- Remove old install method by @DaveYesland in #383
- Enhancement/remove version check add get version by @DaveYesland in #381
- Make pacu version expand in workflow for docker version by @DaveYesland in #387
- Fix #388 by @DaveYesland in #389
- Fix #309 and update some functionality by @DaveYesland in #390
Installation
> git clone https://github.com/RhinoSecurityLabs/pacu
> cd pacu
> bash install.sh
> python3 pacu.py
Copyright (C) 2018 Rhino Security Labs, Inc.