Pacu leverages IAM access keys stored in the default location, ~/.aws/credentials
# configure user credentials in pacu, specify specific profile or all creds in file
set_keys <awsProfile> | --all
# import current user's permissions (run this anytime permissions change)
run iam__enum_permissions
# validate user's permissions
whoami
Modules
Backdoor
Pacu can help give you backdoor access (i.e., another access method)
# add user to an IAM Role (requires ability to edit the role's trust policy)
run iam__backdoor_assume_role
Privilege Escalation
Pacu can perform 20+ privilege escalation checks
run iam__privesc_scan
Enumeration
# checks if credentials are known canary tokens (i.e., fake creds used to detect you)
iam__detect_honeytokens
