From communitytools
Tests AWS, Azure, GCP cloud infrastructure and Docker, Kubernetes containers for security misconfigurations and exploitation paths like S3 exposure, RBAC bypass, and pod escapes.
npx claudepluginhub transilienceai/communitytoolsThis skill uses the workspace's default tool permissions.
Test cloud infrastructure and container environments for security misconfigurations and exploitation paths.
Audits cloud infrastructure for misconfigurations in AWS IAM privilege escalation, exposed S3 buckets, GCP service accounts, Azure RBAC, Kubernetes API servers, and metadata credential leaks.
Identifies cloud-native security vulnerabilities including IMDS/SSRF exploitation, IAM misconfigurations, Kubernetes issues, serverless attack vectors, and cloud provider risks during code reviews, IaC audits, and pentesting.
Performs authorized penetration tests on Azure, AWS, and GCP infrastructure: reconnaissance, authentication, enumeration, privilege escalation, and reporting.
Share bugs, ideas, or general feedback.
Test cloud infrastructure and container environments for security misconfigurations and exploitation paths.
| Platform | Key Vectors |
|---|---|
| AWS | S3 bucket exposure, IAM misconfig, metadata service, Lambda abuse |
| Azure | Blob storage, RBAC flaws, managed identity, App Service misconfig |
| GCP | Cloud Storage, service account keys, metadata server, IAM |
| Docker | Container escape, privileged mode, socket exposure, image vulnerabilities |
| Kubernetes | RBAC bypass, secret exposure, pod escape, API server access |
reference/cloud-security.md - Platform-specific attack guides (AWS, Azure, GCP, Docker, K8s)