creator/Anthropic-Cybersecurity-Skills
1
0
Fork 0
mirror of https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git synced 2026-06-11 13:44:56 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
27c6414ca5ae1b96adc7b36e2e486db95cbcb7c0
Anthropic-Cybersecurity-Skills/skills/conducting-cloud-penetration-testing/references/api-reference.md
T
mukul975 27c6414ca5 Add folder anatomy (scripts/agent.py + references/api-reference.md) for 648 cybersecurity skills 
Complete skill folder anatomy across all cybersecurity skills:
- scripts/agent.py: 80-150 line Python agents using real libraries (impacket,
  boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.)
- references/api-reference.md: real API documentation with method signatures
- LICENSE: MIT license for all skill folders
2026-03-10 21:02:12 +01:00

2.3 KiB
Raw Blame History

API Reference: Cloud Penetration Testing Agent

Overview

Enumerates AWS IAM users, roles, cross-account trusts, IMDSv1 instances, public S3 buckets, and Lambda secrets to identify privilege escalation paths and misconfigurations. For authorized penetration testing only.

Dependencies

Package Version Purpose
requests >=2.28 HTTP API calls
AWS CLI >=2.0 AWS service enumeration (subprocess)

CLI Usage

python agent.py --profile target-account --output pentest_report.json

Key Functions

enumerate_iam_users()

Lists all IAM users with username, ARN, and creation date via aws iam list-users.

enumerate_iam_roles()

Lists IAM roles and identifies cross-account trust relationships by inspecting AssumeRolePolicyDocument principals.

check_imds_v1_instances()

Identifies running EC2 instances with IMDSv1 enabled (HttpTokens: optional), vulnerable to SSRF credential theft.

check_public_s3_buckets()

Enumerates S3 buckets and checks each for public policy status via get-bucket-policy-status.

check_lambda_env_secrets()

Inspects Lambda function environment variables for sensitive keys (password, secret, token, api_key).

test_privesc_create_policy_version(policy_arn)

Tests if a policy allows iam:CreatePolicyVersion permission which enables privilege escalation.

AWS CLI Commands Used

Command Purpose
aws iam list-users Enumerate IAM users
aws iam list-roles Enumerate roles and trust policies
aws ec2 describe-instances Check IMDS configuration
aws s3api list-buckets List S3 buckets
aws s3api get-bucket-policy-status Check public access
aws lambda list-functions Enumerate Lambda functions
aws lambda get-function-configuration Inspect env vars
aws iam simulate-principal-policy Test IAM permissions

MITRE ATT&CK Cloud Mapping

Technique ID Function
Cloud Account Discovery T1087.004 enumerate_iam_users
Steal Application Access Token T1528 check_lambda_env_secrets
Unsecured Credentials: Cloud Instance Metadata T1552.005 check_imds_v1_instances
Valid Accounts: Cloud Accounts T1078.004 enumerate_iam_roles
Reference in New Issue View Git Blame Copy Permalink