Work in Progress
Brute Force IAM Permissions
Brute force the IAM permissions of a user or role to see what you have access to.
Enumerate Permissions without Logging to CloudTrail
Leverage a bug in the AWS API to enumerate permissions for a role without logging to CloudTrail and alerting the Blue Team.
Get Account ID from AWS Access Keys
During an assessment you may find AWS IAM credentials but not know what account they are associated with. Use this to get the account ID.
Unauthenticated Enumeration of IAM Users and Roles
Leverage cross account behaviors to enumerate IAM users and roles in a different AWS account without authentication.
Whoami - Get Principal Name From Keys
During an assessment you may find AWS IAM credentials. Use these tactics to identify the principal of the keys.