Jump to content

WeirdAAL (AWS Attack Library) Basics from the Authors

Recommended Posts


InfoSec Rock Star, Chris Gates, is back on EH-Net with a tutorial on an open source tool he created with Ken Johnson. "WeirdAAL (AWS Attack Library) Basics from the Authors" gives you the basics on how to get started as well as a few creative ways to use the tool in your pentests.


WeirdAAL (AWS Attack Library) Basics from the AuthorsThe cloud is everything. Organizations have either moved completely to the cloud, have a hybrid approach, or are actively planning a cloud strategy. Penetration testers have always had to provide their services anywhere the client’s environment takes them. This often leads to finding vital information and credentials for their cloud provider of choice. With Amazon Web Services (AWS) being the number one player, finding AWS keys has become very common. But how does one utilize that recon information to further their attacks? Pivoting into these machines or querying the exposed services would make for a much more thorough assessment, but what type of access is available once there? That’s why we created an AWS Attack Library (WeirdAAL).

WeirdAAL has two goals related to the AWS keys you find, procure, or need to test. First, answer the “what can I do with this AWS key pair” from a blackbox perspective. Secondly, be a repository of useful functions, both offensive and defensive, to interact with AWS Services. This article is meant to be a basic tutorial to get you started.

Let us know if you've heard of this tool before seeing it on EH-Net. Do you use it? Have you tried this tutorial?

Leave your feedback in the Comments Section for this article on EH-Net.


Share this post

Link to post

Your content is nothing short of brilliant in many ways. I think this is engaging and eye-opening material. Thank you so much for caring about your content and your readers.

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in

Sign In Now