Pacu - The Aws Exploitation Framework, Designed For Testing The Safety Of Amazon Spider Web Services Environments


Pacu is an opened upwards source AWS exploitation framework, designed for offensive safety testing against cloud environments. Created as well as maintained yesteryear Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws inside an AWS account, using modules to easily expand its functionality. Current modules enable a arrive at of attacks, including user privilege escalation, backdooring of IAM users, attacking vulnerable Lambda functions, as well as much more.

Installation
Pacu is a fairly lightweight program, equally it requires only Python3.5+ as well as pip3 to install a handful of Python libraries. Running install.sh volition banking corporation fit your Python version as well as ensure all Python packages are upwards to date.

Quick Installation
  > git clone https://github.com/RhinoSecurityLabs/pacu   > cd pacu   > bash install.sh   > python3 pacu.py
For a to a greater extent than detailed as well as user-friendly laid of user instructions, delight banking corporation fit out the Wiki's installation guide.

Pacu's Modular Power
Pacu uses a arrive at of plug-in modules to attention an assailant inward enumeration, privilege escalation, information exfiltration, service exploitation, as well as log manipulation inside AWS environments. At present, Pacu has 36 modules for executing AWS attacks, but we'll hold out working difficult to add together to a greater extent than modules inward the future, as well as suggestions for novel modules (or fifty-fifty contributions of whole completed modules) are welcome.
In guild to buy the farm along measuring alongside ongoing AWS production developments, we've designed Pacu from the the world upwards alongside extensibility inward mind. Influenza A virus subtype H5N1 mutual syntax as well as information construction keeps modules tardily to laid upwards as well as expand on - no necessitate to specify AWS regions or brand redundant permission checks betwixt modules. Influenza A virus subtype H5N1 local SQLite database is used to contend as well as manipulate retrieved data, minimizing API calls (and associated logs). Reporting as well as assail auditing is also built into the framework; Pacu assists the documentation procedure through control logging as well as exporting, helping laid upwards a timeline for the testing process.
We'll hold out working on amend Pacu's amount capabilities as well as edifice out a well-documented ecosystem thence that cybersecurity researchers as well as developers tin ship away brand novel modules chop-chop as well as easily.

Community
We're ever happy to teach bugs reports inward the Pacu framework itself, equally good equally testing as well as feedback on dissimilar modules, as well as mostly critical feedback to aid refine the framework. We promise to meet this grow into a fundamental open-source tool for testing AWS security, as well as nosotros necessitate your aid to brand that happen! Any back upwards towards this endeavour through use, testing, improvement, or but yesteryear spreading the word, would hold out real much appreciated.
If you're interested inward contributing straight to the Pacu Framework itself, delight read our contribution guidelines for code conventions as well as git menstruum notes.

Developing Pacu Modules
If you're interested inward writing your ain modules for Pacu, banking corporation fit out our Module Development wiki page. As you lot railroad train novel capabilities delight attain out to us -- we'd dearest to add together your novel modules into the amount collection that comes alongside Pacu.

Pacu Framework Development Goals
  • Improve interface formatting
  • Database forward-migrations as well as version tracking
  • "Attack Playbooks" to allow for easier exercise of complex module execution chains
  • Colored console output
  • Module Dry-Run functionality
  • Allow exercise of standalone config files
  • Plugin architecture improvements

Notes
  • Pacu is officially supported inward OSX as well as Linux.
  • Pacu is Open-Source Software, as well as is distributed alongside a BSD-3-Clause License.

Getting Started
The commencement fourth dimension Pacu is launched, you lot volition hold out prompted to start as well as cite a novel session. This session volition hold out used to shop AWS fundamental pairs, equally good equally whatever information obtained from running diverse modules. You tin ship away get got whatever number of dissimilar sessions inward Pacu, each alongside their ain sets of AWS keys as well as data, as well as resume a session at whatever fourth dimension (though a restart is currently required to switch betwixt sessions).
Modules require an AWS key, which grant you lot minimal access to an AWS environs as well as are comprised of an access fundamental ID as well as a clandestine access key. To laid your session's keys, exercise the set_keys command, as well as thence follow the prompts to render a fundamental alias (nickname for reference), an AWS access fundamental ID, an AWS clandestine access key, as well as an AWS session token (if you lot are using one).
If you lot are ever stuck, help volition convey upwards a listing of commands that are available.

Basic Commands inward Pacu
  • list volition listing the available modules for the regions that were laid inward the electrical flow session.
  • help module_name volition render the applicable aid information for the specified module.
  • run module_name volition run the specified module alongside its default parameters.
  • run module_name --regions eu-west-1,us-west-1 volition run the specified module against the eu-west-1 as well as us-west-1 regions (for modules that back upwards the --regions argument)

Submitting Requests / Bug Reports
  • Report vulnerabilities inward Pacu straight to us via email: pacu@rhinosecuritylabs.com .
  • Pacu creates fault logs inside each session's folder, equally good equally a global fault log for out-of-session errors which is created inward the head directory. If you lot can, delight include these logs alongside your põrnikas reports, equally it volition dramatically simplify the debugging process.
  • If you lot get got a characteristic request, an idea, or a põrnikas to report, delight submit them here.
    • Please include a description sufficient to reproduce the põrnikas you lot found, including tracebacks as well as reproduction steps, as well as banking corporation fit for other reports of your põrnikas earlier filing a novel põrnikas report. Don't submit duplicates.

Wiki
For walkthroughs as well as total documentation, delight take in the Pacu wiki.

Contact Us

Disclaimers, as well as the AWS Acceptable Use Policy
  • To the best of our noesis Pacu's capabilities are compliant alongside the AWS Acceptable Use Policy, but equally a flexible as well as modular tool nosotros cannot guarantee this volition hold out truthful inward every situation. It is solely your responsibleness to ensure that how you lot exercise Pacu is compliant alongside the AWS Acceptable Use Policy.
  • Depending on what AWS services you lot exercise as well as what your planned testing entails, you lot may necessitate to request ascendancy from Amazon prior to genuinely running Pacu against your infrastructure. Determining whether or non such ascendancy is necessary is your responsibility.
  • As alongside whatever penetration testing tool, it is your responsibleness to teach proper ascendancy earlier using Pacu exterior of your ain environment.
  • Pacu is software that comes alongside absolutely no warranties whatsoever. By using Pacu, you lot accept total responsibleness for whatever as well as all outcomes that result.