Skip to content

Hide Navigation Hide TOC

Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9)

Pacu is an open-source AWS exploitation framework. The tool is written in Python and publicly available on GitHub.(Citation: GitHub Pacu)

Cluster A Galaxy A Cluster B Galaxy B Level
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Create Snapshot - T1578.001 (ed2e45f9-d338-4eb2-8ce5-3a2e03323bc1) Attack Pattern 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool System Network Connections Discovery - T1049 (7e150503-88e7-4861-866b-ff1ac82c4475) Attack Pattern 1
Cloud API - T1059.009 (55bb4471-ff1f-43b4-88c1-c9384ec47abf) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Cloud Secrets Management Stores - T1555.006 (cfb525cc-5494-401d-a82b-2539ca46a561) Attack Pattern 1
Disable or Modify Cloud Firewall - T1562.007 (77532a55-c283-4cd2-bc5d-2d0b65e9d88c) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Disable or Modify Cloud Logs - T1562.008 (cacc40da-4c9e-462c-80d5-fd70a178b12d) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Event Triggered Execution - T1546 (b6301b64-ef57-4cce-bb0b-77026f14a8db) Attack Pattern 1
Log Enumeration - T1654 (866d0d6d-02c6-42bd-aa2f-02907fdc0969) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Serverless Execution - T1648 (e848506b-8484-4410-8017-3d235a52f5b3) Attack Pattern 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Cloud Service Discovery - T1526 (e24fcba8-2557-4442-a139-1ee2f2e784db) Attack Pattern 1
Cloud Storage Object Discovery - T1619 (8565825b-21c8-4518-b75e-cbc4c717a156) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Cloud Groups - T1069.003 (16e94db9-b5b1-4cd0-b851-f38fbd0a70f2) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Data from Cloud Storage - T1530 (3298ce88-1628-43b1-87d9-0b5336b193d7) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Cloud Administration Command - T1651 (d94b3ae9-8059-4989-8e9f-ea0f601f80a7) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Automated Collection - T1119 (30208d3e-0d6b-43c8-883e-44462a514619) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) Attack Pattern 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Security Software Discovery - T1518.001 (cba37adb-d6fb-4610-b069-dd04c0643384) Attack Pattern 1
Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Cloud Account - T1087.004 (8f104855-e5b7-4077-b1f5-bc3103b41abe) Attack Pattern Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool 1
Pacu - S1091 (1b3b8f96-43b1-4460-8e02-1f53d7802fb9) mitre-tool Cloud Infrastructure Discovery - T1580 (57a3d31a-d04f-4663-b2da-7df8ec3f8c9d) Attack Pattern 1
Modify Cloud Compute Infrastructure - T1578 (144e007b-e638-431d-a894-45d90c54ab90) Attack Pattern Create Snapshot - T1578.001 (ed2e45f9-d338-4eb2-8ce5-3a2e03323bc1) Attack Pattern 2
Cloud API - T1059.009 (55bb4471-ff1f-43b4-88c1-c9384ec47abf) Attack Pattern Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830) Attack Pattern 2
Cloud Secrets Management Stores - T1555.006 (cfb525cc-5494-401d-a82b-2539ca46a561) Attack Pattern Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 2
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern Disable or Modify Cloud Firewall - T1562.007 (77532a55-c283-4cd2-bc5d-2d0b65e9d88c) Attack Pattern 2
Disable or Modify Cloud Logs - T1562.008 (cacc40da-4c9e-462c-80d5-fd70a178b12d) Attack Pattern Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) Attack Pattern 2
Cloud Groups - T1069.003 (16e94db9-b5b1-4cd0-b851-f38fbd0a70f2) Attack Pattern Permission Groups Discovery - T1069 (15dbf668-795c-41e6-8219-f0447c0e64ce) Attack Pattern 2
Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) Attack Pattern Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) Attack Pattern 2
Software Discovery - T1518 (e3b6daca-e963-4a69-aee6-ed4fd653ad58) Attack Pattern Security Software Discovery - T1518.001 (cba37adb-d6fb-4610-b069-dd04c0643384) Attack Pattern 2
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) Attack Pattern Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) Attack Pattern 2
Cloud Account - T1087.004 (8f104855-e5b7-4077-b1f5-bc3103b41abe) Attack Pattern Account Discovery - T1087 (72b74d71-8169-42aa-92e0-e7b04b9f5a08) Attack Pattern 2