HackTricks AWS Site

| If you want to... | HackTricks Feature | Action |
| :--- | :--- | :--- |
| | "Privilege Escalation" section | Search for each IAM action listed. If a user has it, assume they can become admin. |
| Simulate a real attacker | "Methodology" section | Follow the step-by-step: Recon -> Initial Access -> Privilege Escalation -> Persistence -> Exfiltration. |
| Test a specific service | Service-specific page (e.g., /aws-ec2.md) | Run the # Enumeration commands to see what an attacker sees. |
| Write a detection rule | "AWS Post-Exploitation" section | Look for API calls marked as "malicious" or "suspicious" (e.g., CreateAccessKey, UpdateAssumeRolePolicy). |

Example: Using the "hacktricks aws" IAM Feature

Problem: You suspect a developer has too many permissions. You find they have iam:PassRole.

Here is a breakdown of why this is a "useful feature" and how to leverage it effectively. It is a curated, living document of common misconfigurations, privilege escalation vectors, post-exploitation techniques, and methodology for Amazon Web Services (AWS).

You might think "PassRole just allows attaching a role to a service. That seems fine."
