pacu
pacu copied to clipboard
RhinoSecurityLabs
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
* Don't kill Pacu on Ctrl-C * Ctrl-D is the right way to end a shell session, Ctrl-C should more likely kill a running module. * Support using credentials from...
Several PR's where merged recently adding various modules, the page at https://github.com/RhinoSecurityLabs/pacu/wiki/Module-Details needs to be updated to reflect this.
This module can be used to delete detector IDs based on region or detector ID which will stop Guardduty from functioning for specified regions. By providing, 'all' as input for...
Given the detector ID and finding ID which can be determined from a separate module called `guardduty__list_findings`, a region is determined and the finding is archived hidden from view, by...
I would love for this to check to the EKS permissions for managed k8s **Describe the solution you'd like** during the checks or a new check to see if there...
Hi - I get the below error message when running bash install.sh on ec2/linux2. I tried as root. pip3 list shows the correct modules installed. But python3 pacu.py shows an...
Many of the modules make changes to the AWS account (as per the wiki)... Although it SHOULD be assumed that no one will use this without RTFM.... It might be...
The following permissions are not being discovered via bruteforce; "Effect": "Allow", "Action": "ecr:GetAuthorizationToken" as well as "Effect": "Allow", "Action": [ "ecr:GetAuthorizationToken", "ecr:BatchCheckLayerAvailability", "ecr:GetDownloadUrlForLayer", "ecr:GetRepositoryPolicy", "ecr:DescribeRepositories", "ecr:ListImages", "ecr:DescribeImages", "ecr:BatchGetImage", "ecr:InitiateLayerUpload", "ecr:UploadLayerPart",...
Reference: https://twitter.com/vulnerablecode/status/1258440994271313921
Metadata
Owner
Metadata
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.