Pacu is an open-source AWS exploitation framework primarily tailored for offensive security testing in cloud environments. Rhino Security Labs developed and continues to maintain it. Pacu empowers penetration testers to leverage configuration vulnerabilities within an AWS account. It employs modules that can be easily extended to expand its capabilities, facilitating a variety of attacks, such as user privilege escalation, IAM user backdooring, Lambda function exploitation, and more.
Pacu's Modular Power
Pacu makes use of plug-in modules to perform tasks such as enumeration, privilege escalation, data exfiltration, service exploitation, and log manipulation within AWS environments. With a total of 36 modules for executing AWS attacks, Pacu is intentionally designed for extensibility, simplifying the process of creating and expanding modules. It optimizes performance by utilizing a local SQLite database, which helps minimize API calls, reduce logs, and streamline reporting and attack auditing procedures.
Installation
Usage
- pacu --help: displays the help menu
- pacu --session <session name>: sets the session to use for commands that require one
- pacu --list-modules: lists all available modules (does not require a session)
- pacu --pacu-help: displays the Pacu help window (does not require a session)
- pacu --module-name <module name>: names the module to act on; combine it with --exec to run the module or with --module-info to get information on it
- pacu --exec: executes the module provided in --module-name
- pacu --module-info: gets information on the module provided in --module-name
- pacu --data <service name || all>: queries the local SQLite database (accessed through SQLAlchemy) to retrieve enumerated information
- pacu --module-args="<arg1> <value> <arg2> <value>": supplies optional arguments to the module being executed
- pacu --set-regions <region1 region2 || all>: sets the regions to use in the session; separate regions with a space, or enter all for all regions
- pacu --whoami: gets information about the current user