المهارات cloud-penetration-testing
☁️

cloud-penetration-testing

مخاطر منخفضة ⚙️ الأوامر الخارجية🌐 الوصول إلى الشبكة📁 الوصول إلى نظام الملفات

執行雲端安全評估

安全專業人員需要跨 Azure、AWS 和 GCP 環境的全面雲端滲透測試能力。此技能提供結構化工作流程,用於偵察、列舉、滲透和持續性測試,並明確授權要求。

يدعم: Claude Codex Code(CC)
⚠️ 65 ضعيف
1

تنزيل ZIP المهارة

2

رفع في Claude

اذهب إلى Settings → Capabilities → Skills → Upload skill

3

فعّل وابدأ الاستخدام

اختبرها

استخدام "cloud-penetration-testing". 列舉 AWS S3 儲存貴體並檢查公開存取

النتيجة المتوقعة:

傳回具有存取控制的 S3 儲存貴體清單,識別可公開存取的儲存貴體,為錯誤配置提供修補建議

استخدام "cloud-penetration-testing". 檢查 Azure AD 中屬性包含密碼的使用者

النتيجة المتوقعة:

傳回屬性中包含敏感資料的 Azure AD 使用者,顯示哪些屬性包含潛在機密

استخدام "cloud-penetration-testing". 存取 GCP 中繼資料服務以探索憑證

النتيجة المتوقعة:

從遭受入侵的運算執行個體傳回 GCP 服務帳戶權杖和中繼資料

التدقيق الأمني

مخاطر منخفضة
v1 • 2/25/2026

This skill contains cloud penetration testing commands and scripts commonly used in authorized security assessments. Static analysis flagged external command execution, network access, and metadata endpoint patterns - all standard elements of legitimate cloud security testing. The skill includes clear authorization requirements and is designed for security professionals. Findings are false positives in this context as they represent standard pen testing techniques for Azure, AWS, and GCP.

2
الملفات التي تم فحصها
826
الأسطر التي تم تحليلها
10
النتائج
1
إجمالي عمليات التدقيق

مشكلات عالية المخاطر (4)

SKILL.md:20-36SKILL.md:80-98SKILL.md:143-174SKILL.md:253-269SKILL.md:275-286SKILL.md:337-395SKILL.md:443-475references/advanced-cloud-scripts.md:9-130references/advanced-cloud-scripts.md:148-190
External Command Execution
Skill contains numerous external command invocations using shell backticks and system() calls. These execute AWS CLI, Azure CLI, and GCP commands for security testing purposes. This is standard penetration testing practice but could be misused.
SKILL.md:263-268SKILL.md:339-342SKILL.md:383SKILL.md:401-402references/advanced-cloud-scripts.md:120-124
Cloud Metadata Service Access
Skill contains commands to access AWS, Azure, and GCP metadata endpoints (169.254.169.254). This is standard cloud security assessment technique for checking instance credentials and configuration.
SKILL.md:440-451SKILL.md:181references/advanced-cloud-scripts.md:242-272
Password Spraying Scripts
Skill contains password spraying tools and scripts for testing credential strength. This is a legitimate security testing technique but could be weaponized for brute force attacks.
SKILL.md:169-174SKILL.md:259-261SKILL.md:353-356SKILL.md:295SKILL.md:477
Credential Access Techniques
Skill demonstrates techniques for accessing credentials from cloud services including Key Vault secrets, Lambda environment variables, and user data. This is standard cloud security assessment.
مشكلات متوسطة المخاطر (2)
SKILL.md:44-74SKILL.md:100-143SKILL.md:215-247SKILL.md:427
Network Reconnaissance
Skill includes network enumeration commands for cloud resources. This is standard reconnaissance for security assessments.
SKILL.md:353-356SKILL.md:67SKILL.md:464
Filesystem Access
Skill contains filesystem access commands for credential discovery. This is standard post-exploitation technique in authorized assessments.
مشكلات منخفضة المخاطر (1)
SKILL.md:176-197SKILL.md:271-286
Persistence Techniques
Skill documents persistence techniques like creating service principals and backdoor accounts. These are standard post-exploitation techniques documented for authorized assessments.

عوامل الخطر

⚙️ الأوامر الخارجية (114)
references/advanced-cloud-scripts.md:9-24 references/advanced-cloud-scripts.md:24-28 references/advanced-cloud-scripts.md:28-44 references/advanced-cloud-scripts.md:44-50 references/advanced-cloud-scripts.md:50-55 references/advanced-cloud-scripts.md:55-59 references/advanced-cloud-scripts.md:59-74 references/advanced-cloud-scripts.md:74-80 references/advanced-cloud-scripts.md:80-88 references/advanced-cloud-scripts.md:89-90 references/advanced-cloud-scripts.md:91-92 references/advanced-cloud-scripts.md:95-101 references/advanced-cloud-scripts.md:101-107 references/advanced-cloud-scripts.md:108-109 references/advanced-cloud-scripts.md:110-111 references/advanced-cloud-scripts.md:114-118 references/advanced-cloud-scripts.md:118-125 references/advanced-cloud-scripts.md:125-129 references/advanced-cloud-scripts.md:129-130 references/advanced-cloud-scripts.md:130-148 references/advanced-cloud-scripts.md:148-152 references/advanced-cloud-scripts.md:152-157 references/advanced-cloud-scripts.md:157-161 references/advanced-cloud-scripts.md:161-167 references/advanced-cloud-scripts.md:167-171 references/advanced-cloud-scripts.md:171-176 references/advanced-cloud-scripts.md:176-180 references/advanced-cloud-scripts.md:180-184 references/advanced-cloud-scripts.md:184-190 references/advanced-cloud-scripts.md:190-221 references/advanced-cloud-scripts.md:221-225 references/advanced-cloud-scripts.md:225-240 references/advanced-cloud-scripts.md:240-244 references/advanced-cloud-scripts.md:244-253 references/advanced-cloud-scripts.md:259-265 references/advanced-cloud-scripts.md:272-276 references/advanced-cloud-scripts.md:276-290 references/advanced-cloud-scripts.md:9 references/advanced-cloud-scripts.md:28 references/advanced-cloud-scripts.md:50 references/advanced-cloud-scripts.md:59 references/advanced-cloud-scripts.md:80 references/advanced-cloud-scripts.md:101 references/advanced-cloud-scripts.md:118 references/advanced-cloud-scripts.md:242 references/advanced-cloud-scripts.md:244 SKILL.md:20-36 SKILL.md:36-62 SKILL.md:62-74 SKILL.md:74-80 SKILL.md:80-98 SKILL.md:98-104 SKILL.md:104-143 SKILL.md:143-149 SKILL.md:149-174 SKILL.md:174-180 SKILL.md:180-197 SKILL.md:197-203 SKILL.md:203-213 SKILL.md:213-219 SKILL.md:219-247 SKILL.md:247-253 SKILL.md:253-269 SKILL.md:269-275 SKILL.md:275-286 SKILL.md:286-292 SKILL.md:292-331 SKILL.md:331-337 SKILL.md:337-356 SKILL.md:356-364 SKILL.md:364-365 SKILL.md:365-366 SKILL.md:366-367 SKILL.md:367-368 SKILL.md:368-369 SKILL.md:369-370 SKILL.md:370-371 SKILL.md:371-377 SKILL.md:377-378 SKILL.md:378-379 SKILL.md:379-380 SKILL.md:380-381 SKILL.md:381-382 SKILL.md:382-383 SKILL.md:383-389 SKILL.md:389-390 SKILL.md:390-391 SKILL.md:391-392 SKILL.md:392-393 SKILL.md:393-394 SKILL.md:394-395 SKILL.md:395-401 SKILL.md:401-402 SKILL.md:402-403 SKILL.md:403-443 SKILL.md:443-451 SKILL.md:451-457 SKILL.md:457-469 SKILL.md:469-475 SKILL.md:475-490 SKILL.md:267 SKILL.md:283 SKILL.md:253-269 SKILL.md:275-286 SKILL.md:80 SKILL.md:81 SKILL.md:104 SKILL.md:149 SKILL.md:163 SKILL.md:180 SKILL.md:443 SKILL.md:28 SKILL.md:353 SKILL.md:354
🌐 الوصول إلى الشبكة (50)
references/advanced-cloud-scripts.md:120 references/advanced-cloud-scripts.md:123 references/advanced-cloud-scripts.md:3 references/advanced-cloud-scripts.md:83 references/advanced-cloud-scripts.md:91 references/advanced-cloud-scripts.md:97 references/advanced-cloud-scripts.md:110 references/advanced-cloud-scripts.md:120 references/advanced-cloud-scripts.md:123 references/advanced-cloud-scripts.md:289 references/advanced-cloud-scripts.md:85 references/advanced-cloud-scripts.md:120 references/advanced-cloud-scripts.md:123 SKILL.md:263 SKILL.md:264 SKILL.md:267 SKILL.md:268 SKILL.md:383 SKILL.md:401 SKILL.md:402 SKILL.md:498 SKILL.md:339 SKILL.md:342 SKILL.md:395 SKILL.md:403 SKILL.md:27 SKILL.md:31 SKILL.md:64 SKILL.md:67 SKILL.md:263 SKILL.md:264 SKILL.md:267 SKILL.md:268 SKILL.md:339 SKILL.md:342 SKILL.md:383 SKILL.md:395 SKILL.md:401 SKILL.md:402 SKILL.md:403 SKILL.md:446 SKILL.md:450 SKILL.md:263 SKILL.md:264 SKILL.md:267 SKILL.md:268 SKILL.md:383 SKILL.md:401 SKILL.md:402 SKILL.md:498
📁 الوصول إلى نظام الملفات (5)
SKILL.md:354 SKILL.md:67 SKILL.md:354 SKILL.md:354 SKILL.md:464

الأنماط المكتشفة

Code Execution + Network + Credentials
تم تدقيقه بواسطة: claude

درجة الجودة

41
الهندسة المعمارية
100
قابلية الصيانة
87
المحتوى
50
المجتمع
40
الأمان
96
الامتثال للمواصفات

ماذا يمكنك بناءه

進行 AWS 評估的安全顧問

執行全面的 AWS 安全評估,包括 S3 儲存貯體列舉、IAM 角色分析和 EC2 執行個體測試

測試防禦的藍隊成員

透過模擬攻擊者技術來驗證組織的雲端安全控制

強化雲端基礎架構的 DevSecOps 工程師

在攻擊者利用之前識別並修補雲端錯誤配置

جرّب هذه الموجهات

基本 AWS 列舉 
Use the cloud-penetration-testing skill to enumerate AWS resources. List all S3 buckets, EC2 instances, and IAM users accessible with current credentials. Run: aws sts get-caller-identity first to check authentication.
Azure AD 使用者探索 
Use the cloud-penetration-testing skill to enumerate Azure AD users and groups. List all users, groups, and role assignments. Check for users with password in attributes.
GCP 專案評估 
Use the cloud-penetration-testing skill to assess GCP security. List enabled services, compute instances, storage buckets, and IAM policies. Check for overly permissive service accounts.
全面雲端稽核 
Use the cloud-penetration-testing skill to perform a comprehensive multi-cloud security assessment covering AWS, Azure, and GCP. Document all findings with remediation recommendations.

أفضل الممارسات

  • 在測試任何雲端環境之前,務必取得書面授權
  • 記錄所有測試活動和發現以符合合規性
  • 在嘗試滲透之前,先使用唯讀列舉技術
  • 尊重範圍界線,不要存取授權以外的系統

تجنب

  • 未經適當授權執行滲透測試
  • 未通知營運團隊即測試生產系統
  • 嘗試在多租戶環境中存取客戶資料
  • 在測試期間忽略偵測和警示機制

الأسئلة المتكررة

此技能是否支援多因素身份驗證?
MFA 可能會限制某些攻擊技術。此技能記錄了替代的身份驗證方法,但這些方法需要特定條件才能成功。
此技能能否繞過雲端安全控制?
否。此技能提供的測試技術在所提供憑證的能力範圍內運作。妥善保護的環境將會封鎖未經授權的存取。
是否包含密碼噴灑功能?
此技能參考了密碼噴灑工具以進行憑證驗證測試。這需要明確授權,且僅應在已授權的評估中使用。
此技能能否離線運作?
否。雲端滲透測試需要對雲端提供商 API 和中繼資料端點的網路存取。
我能否將其用於內部安全測試?
可以,只要有環境所有者的適當書面授權。務必記錄範圍和交戰規則。
支援哪些雲端提供商?
Amazon Web Services (AWS)、Microsoft Azure 和 Google Cloud Platform (GCP) 均有涵蓋,並提供各自的特定技術。

تفاصيل المطور

المؤلف

sickn33

الترخيص

MIT

المستودع

https://github.com/sickn33/antigravity-awesome-skills/tree/main/skills/cloud-penetration-testing

مرجع

main

بنية الملفات

📁 references/

📄 advanced-cloud-scripts.md

📄 SKILL.md