Cloud Security Exploitation

关于

This skill transforms Claude into a specialized cloud penetration testing assistant, offering expert guidance on assessing and exploiting vulnerabilities within major cloud platforms. It provides a comprehensive methodology for enumerating S3/Blob storage, discovering IAM privilege escalation paths, and abusing metadata services via SSRF. By providing platform-specific CLI commands and integration patterns for tools like Pacu and MicroBurst, it helps security professionals identify critical risks like publicly exposed data, over-permissive policies, and unencrypted snapshots across AWS, Azure, and Google Cloud.

主要功能

• Workflow integration for security tools like ScoutSuite, Prowler, and Pacu
• Comprehensive enumeration for AWS S3, Azure Blobs, and GCP Storage buckets
• Security assessment of serverless functions and cloud-native databases
• Detection of IAM and RBAC privilege escalation vulnerabilities
• 0 GitHub stars
• Guidance on exploiting Cloud Metadata Services and Instance Metadata (IMDS)

使用场景

• Conducting automated security audits for multi-cloud environments
• Hunting for sensitive data exposure in publicly accessible cloud storage
• Simulating real-world cloud attacks to identify IAM policy weaknesses