Created
December 10, 2025 15:13
AWS Notes
# Identity and IAM inventory. Every call here is read-only.

# Which principal do the configured credentials belong to?
aws sts get-caller-identity
aws iam get-user

# Account-wide IAM listings, in the same order as the original notes.
for listing in list-users list-groups list-roles list-policies; do
  aws iam "$listing"
done

# --scope Local limits the listing to customer-managed policies.
aws iam list-policies --scope Local
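# Per-group policy review.
# The original first loop passed group ARNs to `get-policy --policy-arn`, which
# accepts only policy ARNs, and its `cut -d ":" -f2` split the ARN at its own
# colons. Names are now taken with --query/--output text, so the result does
# not depend on the configured CLI output format.
aws iam list-groups --query 'Groups[].GroupName' --output text | tr '\t' '\n' |
  while IFS= read -r group; do
    [ -n "$group" ] || continue
    echo "[+] Checking $group"
    # Managed policies attached to the group.
    aws iam list-attached-group-policies --group-name "$group"
    # Inline policies embedded in the group.
    aws iam list-group-policies --group-name "$group"
  done

# Single-group form:
# aws iam list-group-policies --group-name <group-name>

# Metadata for every policy. get-policy is keyed by ARN, not by PolicyName.
# Without a filter this walks every AWS-managed policy as well; add
# --scope Local or --only-attached to list-policies to narrow it.
aws iam list-policies --query 'Policies[].Arn' --output text | tr '\t' '\n' |
  while IFS= read -r policy_arn; do
    [ -n "$policy_arn" ] || continue
    echo "[+] Checking $policy_arn"
    aws iam get-policy --policy-arn "$policy_arn"
  done

# Locate the AdministratorAccess managed policy in the listing.
aws iam list-policies | grep AdministratorAccess

# Single-user form (the flag is --user-name):
# aws iam list-attached-user-policies --user-name <user-name>

aws iam list-roles

# Full definition of each role; get-role includes the trust policy
# (AssumeRolePolicyDocument), i.e. which principals may assume the role.
aws iam list-roles --query 'Roles[].RoleName' --output text | tr '\t' '\n' |
  while IFS= read -r role; do
    [ -n "$role" ] || continue
    echo "[+] Checking $role"
    aws iam get-role --role-name "$role"
  done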
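# AWS S3
aws s3api list-buckets

# Single-bucket forms:
# aws s3api list-objects --bucket <bucket-name>
# aws s3api get-bucket-policy --bucket <bucket-name> --output text | python3 -m json.tool
# aws s3api get-bucket-acl --bucket <bucket-name> > acl.json
# aws s3api get-bucket-location --bucket <bucket-name>
# aws s3api get-public-access-block --bucket <bucket-name>

# The same read-only checks for every bucket, with one list-buckets call.
# Bucket names are selected with --query: the original `grep Name` also matched
# the Owner DisplayName field (when present) and treated it as a bucket, and its
# cut/tr parsing depended on the configured CLI output format.
aws s3api list-buckets --query 'Buckets[].Name' --output text | tr '\t' '\n' |
  while IFS= read -r bucket; do
    [ -n "$bucket" ] || continue
    echo "[+] Checking $bucket"

    aws s3api list-objects --bucket "$bucket"

    # The call fails with NoSuchBucketPolicy when no policy is set; only
    # pretty-print when a policy document actually came back.
    if policy=$(aws s3api get-bucket-policy --bucket "$bucket" --query Policy --output text); then
      printf '%s\n' "$policy" | python3 -m json.tool
    fi

    aws s3api get-bucket-acl --bucket "$bucket"
    aws s3api get-bucket-location --bucket "$bucket"

    # A NoSuchPublicAccessBlockConfiguration error means no bucket-level
    # Block Public Access settings exist; account-level settings may still apply.
    aws s3api get-public-access-block --bucket "$bucket"
  done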
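# Attempt to download anything/everything
# A successful copy means the calling principal holds s3:GetObject on that key.
# These are data-plane calls: CloudTrail records them only when S3 data events
# are enabled for the bucket.
# Files go to a fresh scratch directory, one subdirectory per bucket, instead of
# the current directory, so object names cannot overwrite local files. The
# destination ends in "/" so only the key's base name is used locally (keys
# sharing a base name within one bucket still overwrite each other).
if scratch=$(mktemp -d); then
  echo "[+] Saving objects under $scratch"
  aws s3api list-buckets --query 'Buckets[].Name' --output text | tr '\t' '\n' |
    while IFS= read -r bucket; do
      [ -n "$bucket" ] || continue
      echo "[+] Checking $bucket"
      aws s3api list-objects --bucket "$bucket" --query 'Contents[].Key' --output text |
        tr '\t' '\n' |
        while IFS= read -r key; do
          # An empty bucket yields the literal text "None" for this query.
          if [ -z "$key" ] || [ "$key" = "None" ]; then
            continue
          fi
          echo "[+] Attempting Download: $key"
          aws s3 cp "s3://$bucket/$key" "$scratch/$bucket/"
        done
    done
fi

# Attempt to copy random file to bucket
# Expects a local file named "testy". A successful upload means the principal
# holds s3:PutObject on the bucket; the probe object stays there until deleted.
aws s3api list-buckets --query 'Buckets[].Name' --output text | tr '\t' '\n' |
  while IFS= read -r bucket; do
    [ -n "$bucket" ] || continue
    echo "[+] Checking $bucket"
    aws s3 cp testy "s3://$bucket/testy"
  done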
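# AWS API GATEWAY
aws apigateway get-account
aws apigateway get-rest-apis
aws apigateway get-client-certificates

# AWS Lambda
aws lambda list-layers
aws lambda list-functions

# Per-function detail. Function names are selected with --query instead of
# grep/cut/tr, so the loop does not depend on the configured CLI output format
# and the variable is quoted when passed on.
aws lambda list-functions --query 'Functions[].FunctionName' --output text | tr '\t' '\n' |
  while IFS= read -r fn; do
    [ -n "$fn" ] || continue
    echo "[+] Checking $fn"
    # get-function returns the configuration, including environment variables,
    # and a short-lived pre-signed URL for the deployment package; secrets kept
    # in environment variables are readable by anyone allowed to make this call.
    aws lambda get-function --function-name "$fn"
    # Get function event source mapping
    aws lambda list-event-source-mappings --function-name "$fn"
  done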