cyberneticlibrary
← library

Hunt cloud infrastructure misconfigurations

hunt-cloud-misconfigskillsetup L11,791
elementalsouls/Claude-BugHunter
What it does

Hunt cloud / infrastructure misconfigurations. AWS: public

Best for

Use for hunt cloud / infrastructure misconfigurations. aws: public s3 buckets (s3:getobject anonymous), permissive bucket policies (putobjectacl public-write), exposed cloudfront origin, public lambda function url, public rds snapshot, iam credentials in js bundles, aws metadata accessible via ssrf. gcp: public gcs buckets, exposed cloud run services, leaked service account json. azure: public blob containers, exposed function app. (kubernetes/docker exposure is owned by hunt-k8s; ci/cd pipeline attacks by hunt-cicd; post-credential iam escalation by cloud-iam-deep.) detection: targeted dorking, certificate transparency, js bundle secret extraction, port scan for known service ports. validate: actual data read / write / rce. use when hunting cloud-native storage and compute misconfig (s3/gcs/blob, imds-via-ssrf, serverless, public managed services).

Inputs
  • · target
  • · test vectors
  • · payloads
Outputs
  • · vulnerability report
  • · PoC code
  • · impact assessment
Requires
  • · curl
  • · HTTP client
Preconditions

Required dependencies and environment setup — see body for details

Failure modes

See documentation for known limitations and edge cases

Trust signals
  • · Skill: skill
  • · Repository: elementalsouls/Claude-BugHunter