AWS Tools Cheatsheet

Cloud Pentest

Enumerate IAM

https://github.com/andresriancho/enumerate-iam

python3 enumerate-iam.py --access-key <ACCESS-KEY-ID> --secret-key <SECRET-KEY-ID> --session-token <SESSION-TOKEN-VALUE>

ScoutSuite

https://github.com/nccgroup/ScoutSuite

scout aws --profile my-aws-cli-profile
aws sts get-caller-identity
scout aws

(venv) haxor@MacBook ScoutSuite % aws configure --profile test-scoutsuite-profile
AWS Access Key ID [None]: ASINHUY4IRE
AWS Secret Access Key [None]: KPhciXKAr6WA2ajT
Default region name [None]: us-west-2
Default output format [None]: 

(venv) haxor@MacBook ScoutSuite % nano ~/.aws/credentials
(venv) haxor@MacBook ScoutSuite % cat ~/.aws/credentials
[test-scoutsuite-profile]
aws_access_key_id = ASIATCNHUY4IRE
aws_secret_access_key = KPhciXKQaO40Ar6WA2ajT
aws_session_token = IQoJb3JpZ2lKElHBeM4fwCjFXptAUg+h/4INjXs

(venv) haxor@MacBook ScoutSuite % python3 scout.py aws --profile test-scoutsuite-profile

More Useful Commands

aws cognito-identity get-id --identity-pool-id us-west-2:626ca48e-0ded-4f7f-8d3e-33263fb05e2d --region us-west-2 —session-token 

aws apigatewayv2 get-domain-names --region us-west-2 

docker run -ti --rm --name prowler --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY --env AWS_SESSION_TOKEN toniblyx/prowler:latest

Leave a Reply

Your email address will not be published. Required fields are marked *