DevOps已验证

High risk

aws-penetration-testing

Critical signals were detected and installation should be handled carefully.

0/100

2critical1high

修复建议

🚨 得分 0/100 — 此技能极度危险。请勿安装。

检测到的风险3

Aws Credentialscritical

aws_credentials

AWS credentials access

Line 383

Snippets

L383export AWS_ACCESS_KEY_ID=ASIA...

L384export AWS_SECRET_ACCESS_KEY=...

L383export AWS_ACCESS_KEY_ID=ASIA...

L384export AWS_SECRET_ACCESS_KEY=...

Privilege Escalationcritical

privilege_escalation

Privilege escalation attempt

Line 286

Snippets

L286sudo mkdir /mnt/stolen

L287sudo mount /dev/xvdf1 /mnt/stolen

L286sudo mkdir /mnt/stolen

L287sudo mount /dev/xvdf1 /mnt/stolen

Network Callhigh

network_call

Outbound network call

Line 119

Snippets

L119TOKEN=$(curl -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 21600" \

L123curl -H "X-aws-ec2-metadata-token:$TOKEN" \

L347| Get metadata | `curl http://169.254.169.254/latest/meta-data/` |

L400| Expired credentials | Re-fetch from metadata (temp creds rotate) |

L596curl https://API_ID.execute-api.REGION.amazonaws.com/STAGE/ENDPOINT

Voir les risques detectes

Connectez-vous pour consulter l'analyse detaillee des risques.

$npx agentfend install cmn92pmor00hzu1ip4wj4twei

Trust Score

20trust

⭐ 2.8万🍴 4667

Updated 2周前

分析时间

2026年3月31日 15:56

+ 2 previous scans

兼容

AGAntigravity

Skill details

Trust score

20/100

GitHub

Connected

Stars

2.8万

Forks

4667

Updated 2周前

分析时间 2026年3月31日 15:56

说明

"Provide comprehensive techniques for penetration testing AWS cloud environments. Covers IAM enumeration, privilege escalation, SSRF to metadata endpoint, S3 bucket exploitation, Lambda code extraction, and persistence techniques for red team operations."

查看源码