AWS Penetration Testing

Purpose

Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations.

Inputs/Prerequisites

• AWS CLI configured with credentials
• Valid AWS credentials (even low-privilege)
• Understanding of AWS IAM model
• Python 3, boto3 library
• Tools: Pacu, Prowler, ScoutSuite, SkyArk

Outputs/Deliverables