From 538a7b024bca6dcd5fe60689c0b09e363a52075e Mon Sep 17 00:00:00 2001 From: cfgs Date: Tue, 8 Aug 2023 10:41:54 +0200 Subject: [PATCH] feat: add cognito-scanner tool for AWS pentest --- Methodology and Resources/Cloud - AWS Pentest.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/Methodology and Resources/Cloud - AWS Pentest.md b/Methodology and Resources/Cloud - AWS Pentest.md index fc8d99993b..e696fd04c3 100644 --- a/Methodology and Resources/Cloud - AWS Pentest.md +++ b/Methodology and Resources/Cloud - AWS Pentest.md @@ -185,6 +185,17 @@ find_admins: Look at IAM policies to identify admin users and roles, or principals with specific privileges ``` +* [Cognito Scanner](https://github.com/padok-team/cognito-scanner) - A CLI tool for executing attacks on cognito such as *Unwanted account creation*, *Account Oracle* and *Identity Pool escalation*. + ```bash + # Installation + $ pip install cognito-scanner + # Usage + $ cognito-scanner --help + # Get information about how to use the unwanted account creation script + $ cogntio-scanner account-creation --help + # For more details go to https://github.com/padok-team/cognito-scanner + ``` + * [dufflebag](https://labs.bishopfox.com/dufflebag) - Find secrets that are accidentally exposed via Amazon EBS's "public" mode * [NetSPI/AWS Consoler](https://github.com/NetSPI/aws_consoler) - Convert AWS Credentials into a console access
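Review bot: The third command in the added bash block misspells the binary as `cogntio-scanner` (in `$ cogntio-scanner account-creation --help`), so anyone copying it gets a command-not-found error; it should read `cognito-scanner`, matching the install and `--help` lines above it. In the description line, "attacks on cognito" should capitalise the service name as "Cognito", consistent with the link text. The last comment, `# For more details go to https://github.com/padok-team/cognito-scanner`, repeats the URL already linked in the bullet and could be dropped. Since `pip install cognito-scanner` pulls an unpinned package from PyPI, consider noting that it should be installed in a virtual environment.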