Pacu – The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments

Pacu - The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments

Pacu is an open supply AWS exploitation framework, designed for offensive safety testing in opposition to cloud environments. Created and maintained by Rhino Security Labs, Pacu permits penetration testers to use configuration flaws inside an AWS account, utilizing modules to simply broaden its performance. Current modules allow a spread of assaults, together with person privilege escalation, backdooring of IAM customers, attacking susceptible Lambda features, and far more.

Pacu is a reasonably light-weight program, because it requires solely Python3.5+ and pip3 to put in a handful of Python libraries. Running set will verify your Python model and guarantee all Python packages are updated.

Quick Installation

  > git clone
  > cd pacu
  > bash set
  > python3

For a extra detailed and person-pleasant set of person directions, please take a look at the Wiki’s installation guide.

Pacu’s Modular Power
Pacu makes use of a spread of plug-in modules to help an attacker in enumeration, privilege escalation, information exfiltration, service exploitation, and log manipulation inside AWS environments. At current, Pacu has 36 modules for executing AWS assaults, however we’ll be working onerous so as to add extra modules sooner or later, and strategies for brand spanking new modules (and even contributions of entire accomplished modules) are welcome.
In order to maintain tempo with ongoing AWS product developments, we have designed Pacu from the bottom up with extensibility in thoughts. A typical syntax and information construction retains modules straightforward to construct and broaden on – no have to specify AWS areas or make redundant permission checks between modules. An area SQLite database is used to handle and manipulate retrieved information, minimizing API calls (and related logs). Reporting and assault auditing can be constructed into the framework; Pacu assists the documentation course of via command logging and exporting, serving to construct a timeline for the testing course of.
We’ll be engaged on enhance Pacu’s core capabilities and constructing out a properly-documented ecosystem in order that cybersecurity researchers and builders could make new modules shortly and simply.

We’re at all times completely satisfied to get bugs stories within the Pacu framework itself, in addition to testing and suggestions on totally different modules, and customarily important suggestions to assist refine the framework. We hope to see this develop right into a key open-supply instrument for testing AWS safety, and we’d like your assist to make that occur! Any assist in direction of this effort via use, testing, enchancment, or simply by spreading the phrase, can be very a lot appreciated.
If you are taken with contributing on to the Pacu Framework itself, please learn our contribution guidelines for code conventions and git movement notes.

Developing Pacu Modules
If you are taken with writing your personal modules for Pacu, take a look at our Module Development wiki web page. As you develop new capabilities please attain out to us — we might love so as to add your new modules into the core assortment that comes with Pacu.

Pacu Framework Development Goals

  • Improve interface formatting
  • Database ahead-migrations and model monitoring
  • “Attack Playbooks” to permit for simpler use of complicated module execution chains
  • Colored console output
  • Module Dry-Run performance
  • Allow use of standalone config information
  • Plugin structure enhancements


  • Pacu is formally supported in OSX and Linux.
  • Pacu is Open-Source Software, and is distributed with a BSD-3-Clause License.

Getting Started
The first time Pacu is launched, you’ll be prompted to begin and title a brand new session. This session can be used to retailer AWS key pairs, in addition to any information obtained from operating numerous modules. You can have any variety of totally different classes in Pacu, every with their very own units of AWS keys and information, and resume a session at any time (although a restart is at present required to modify between classes).
Modules require an AWS key, which grant you minimal entry to an AWS setting and are comprised of an entry key ID and a secret entry key. To set your session’s keys, use the set_keys command, after which comply with the prompts to produce a key alias (nickname for reference), an AWS entry key ID, an AWS secret entry key, and an AWS session token (if you’re utilizing one).
If you might be ever caught, assist will carry up an inventory of instructions which can be out there.

Basic Commands in Pacu

  • listing will listing the out there modules for the areas that had been set within the present session.
  • assist module_name will return the relevant assist info for the required module.
  • run module_name will run the required module with its default parameters.
  • run module_name --regions eu-west-1,us-west-1 will run the required module in opposition to the eu-west-1 and us-west-1 areas (for modules that assist the –regions argument)

Submitting Requests / Bug Reports

  • Report vulnerabilities in Pacu on to us through e-mail: [email protected] .
  • Pacu creates error logs inside every session’s folder, in addition to a worldwide error log for out-of-session errors which is created in the principle listing. If you possibly can, please embody these logs together with your bug stories, as it’s going to dramatically simplify the debugging course of.
  • If you will have a characteristic request, an concept, or a bug to report, please submit them here.
    • Please embody an outline ample to breed the bug you discovered, together with tracebacks and copy steps, and verify for different stories of your bug earlier than submitting a brand new bug report. Don’t submit duplicates.

For walkthroughs and full documentation, please go to the Pacu wiki.

Contact Us

  • We’d love to listen to from you, regardless of the purpose. Shoot us an e-mail at [email protected] anytime!

Disclaimers, and the AWS Acceptable Use Policy

  • To the perfect of our data Pacu’s capabilities are compliant with the AWS Acceptable Use Policy, however as a versatile and modular instrument we can’t assure this can be true in each scenario. It is totally your duty to make sure that how you utilize Pacu is compliant with the AWS Acceptable Use Policy.
  • Depending on what AWS companies you utilize and what your deliberate testing entails, it’s possible you’ll have to request authorization from Amazon prior to truly operating Pacu in opposition to your infrastructure. Determining whether or not or not such authorization is important is your duty.
  • As with any penetration testing instrument, it’s your duty to get correct authorization earlier than utilizing Pacu exterior of your personal setting.
  • Pacu is software program that comes with completely no warranties in any way. By utilizing Pacu, you are taking full duty for any and all outcomes that consequence.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.