cloud-penetration-testinglisted

This skill should be used when the user asks to "perform cloud penetration testing", "assess Azure or AWS or GCP security", "enumerate cloud resources", "exploit cloud misconfigurations", "test O365 security", "extract secrets from cloud environments", or "audit cloud infrastructure". It provides comprehensive techniques for security assessment across major cloud platforms.
aiskillstore/marketplace · ★ 334 · DevOps & Infrastructure · score 83

Install: claude install-skill aiskillstore/marketplace

# Cloud Penetration Testing ## Purpose Conduct comprehensive security assessments of cloud infrastructure across Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). This skill covers reconnaissance, authentication testing, resource enumeration, privilege escalation, data extraction, and persistence techniques for authorized cloud security engagements. ## Prerequisites ### Required Tools ```bash # Azure tools Install-Module -Name Az -AllowClobber -Force Install-Module -Name MSOnline -Force Install-Module -Name AzureAD -Force # AWS CLI curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip && sudo ./aws/install # GCP CLI curl https://sdk.cloud.google.com | bash gcloud init # Additional tools pip install scoutsuite pacu ``` ### Required Knowledge - Cloud architecture fundamentals - Identity and Access Management (IAM) - API authentication mechanisms - DevOps and automation concepts ### Required Access - Written authorization for testing - Test credentials or access tokens - Defined scope and rules of engagement ## Outputs and Deliverables 1. **Cloud Security Assessment Report** - Comprehensive findings and risk ratings 2. **Resource Inventory** - Enumerated services, storage, and compute instances 3. **Credential Findings** - Exposed secrets, keys, and misconfigurations 4. **Remediation Recommendations** - Hardening guidance per platform ## Core Workflow ### Phase 1: Reconnaissance Gather initia