Aws Penetration Testing

The aws-penetration-testing skill empowers AI agents to conduct comprehensive security assessments of AWS environments. It automates the discovery of vulnerabilities and misconfigurations across cloud resources to harden infrastructure defenses.

When to use it

• Performing pre-deployment security audits on new AWS architectures before going live.
• Identifying exposed S3 buckets or open security groups in production environments.
• Validating compliance with security best practices after major infrastructure changes.
• Simulating attacker techniques to test the resilience of cloud-native applications.

Key capabilities

• Scans for common AWS misconfigurations and insecure settings.
• Identifies unpatched software and outdated dependencies within EC2 instances.
• Detects overly permissive IAM roles and policies that grant excessive access.
• Analyzes network topology to find potential lateral movement paths.

Example prompts

• "Run a full penetration test on my AWS account focusing on S3 bucket permissions and security group rules."
• "Identify any EC2 instances with open SSH ports or outdated operating systems in the us-east-1 region."
• "Generate a report of IAM policies that allow wildcard access to DynamoDB tables."

Tips & gotchas

Ensure you have explicit authorization before running penetration tests on production environments to avoid accidental service disruption. Always configure AWS CloudTrail and GuardDuty to monitor for anomalous activity triggered by the testing process.