barq
#Security Testing#Offensive Security
A lightweight, first-stage C2 implant written in Nim for remote access and control.
barq: A Post-Exploitation Framework for AWS Infrastructure Attacks
barq is a post-exploitation framework designed to enable you to easily execute attacks on an active AWS infrastructure.
It enables you to attack
It enables you to attack running EC2 instances without needing the original instance SSH key pairs.
It also allows you to perform enumeration and extraction of AWS Secrets and Parameters
It also allows you to carry out the enumeration and extraction of stored Secrets and Parameters within AWS.
Running msfvenom Payloads
To execute the msfvenom payloads, you must have msfvenom installed on your workstation, and ensure that the PATH is configured correctly.
Installing:
Requirements:
1. Keep all technical terms and concepts exactly as they are.
2. Make the language clearer and more accessible.
3. Keep the same content structure and format.
4. Do not add or remove any information.
5. Maintain similar length; if the content is very short, add a little more detail.
Installation Instructions for Python 2
To install the required packages, run the following command: pip install -r requirements.txt
Installing Requirements for Python3 with Pip3
To install the required packages, use the command: pip3 install -r requirements.txt.
It is highly recommended to create a virtual environment for this tool.
Please remember that using sudo with pip is not advisable.
Author: Mohammed Aldoub, also known as Voulnet. You can find me on Twitter.
Main Features:
- Attack EC2 instances without needing key pairs or connection profiles/passwords.
- Dump EC2 secrets and parameters.
- Enumerate EC2 instances and security groups.
- Launch Metasploit and Empire payloads against EC2 instances.
- Training mode allows you to test attacks and features without affecting the actual AWS infrastructure.
