Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current modules enable a range of attacks, including user privilege escalation, backdooring of IAM users, attacking vulnerable Lambda functions, and much more.

Para privilege escalation  iam_privesc_scan igual puedes obtener console access.


Puedes hacer ls para enlistar modules, search x para encontrar modules, privesc_scan para privilege escalation, run add_ec2_startup_sh_script –script …. va a asociar un script y cada vas que se reinicia la maquina lo va a ejecutar (por ejemplo una reverse shell)