Pacu download | SourceForge.net

Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience and research from our countless prior AWS red team engagements. Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation.

Features

Pacu is a fairly lightweight program, as it requires only Python3.6+ and pip3 to install a handful of Python libraries
Pacu uses a range of plug-in modules to assist an attacker in enumeration
Pacu has 36 modules for executing AWS attacks
We've designed Pacu from the ground up with extensibility in mind
A common syntax and data structure keep modules easy to build and expand on
No need to specify AWS regions or make redundant permission checks between modules

Project Samples

Project Activity

See All Activity >

License

BSD License

Follow Pacu

Pacu Web Site

Other Useful Business Software

Fully Managed MySQL, PostgreSQL, and SQL Server

Automatic backups, patching, replication, and failover. Focus on your app, not your database.

Cloud SQL handles your database ops end to end, so you can focus on your app.

Try Free

Rate This Project

User Reviews

Be the first to post a review of Pacu!

Additional Project Details

Operating Systems

Linux, Mac

Programming Language

Python

Related Categories

Python Security Software, Python Software Testing Tool, Python Frameworks, Python Post-Exploitation Frameworks

Registered

2022-04-01

Similar Business Software

Comet Backup

Start running backups and restores in less than 15 minutes! Fast, secure backup software for businesses and IT providers. Comet is a flexible, all-in-one backup platform available in 13 languages. You choose your backup destination, server location, configuration and setup. Backup to your...

See Software
Diplomat Managed File Transfer

Diplomat MFT by Coviant Software is a secure, reliable managed file transfer solution designed to simplify and automate SFTP, FTPS, and HTTPS file transfers. Built for seamless integration, Diplomat MFT works across major cloud storage platforms, including AWS S3, Azure Blob, Google Cloud,...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Files.com

Files.com is a cloud-native Managed File Transfer (MFT) platform that unifies file transfers, sharing, and automation across any cloud, protocol, or partner. It connects 50+ storage systems — including Amazon S3, Azure, Google Drive, SharePoint, Dropbox, and Box — presenting them as a single...

See Software
AdRem NetCrunch

NetCrunch is a powerful, scalable, all-in-one network monitoring system built for modern IT environments. It supports agentless monitoring of thousands of devices, covering SNMP, servers, virtualization (VMware, Hyper-V), cloud (AWS, Azure, GCP), traffic flows (NetFlow, sFlow), logs, and custom...

See Software
Astra Pentest

Astra’s Pentest is a comprehensive penetration testing solution with an intelligent automated vulnerability scanner coupled with in-depth manual pentesting. On top of 10000+ tests including security checks for all CVEs mentioned in the OWASP top 10, and SANS 25, the automated scanner also...

See Software