Exploit cloud IAM misconfigurations across providers
cloud-iam-deepskillsetup L4★1,791
elementalsouls/Claude-BugHunter ↗What it does
Enumerate cloud IAM privilege escalation paths and post-credential exploitation
Best for
Red-team privilege analysis when a cloud credential surfaces and escalation vectors matter.
Inputs
- · AWS/Azure/GCP credential (key/secret/token/JSON)
- · target service scope
Outputs
- · identity validation (arn/principal/permissions)
- · privilege escalation technique table
- · cross-account assume-role paths
Requires
- · aws cli
- · az cli
- · gcloud cli
- · pacu tool
Preconditions
Valid credential obtained; external-scope only (no on-prem AD)
Failure modes
Executing destructive actions when documenting the path suffices
Trust signals
- · 24+ AWS escalation techniques indexed
- · IMDS v1/v2 and Cognito Identity Pool chains
- · Hackingthe.cloud + PACU references