rtexit-method 0.1.23 → 0.1.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/packaged-assets/.agents/skills/rt-exploit-cloud-aws/SKILL.md +9 -3
  3. package/packaged-assets/.agents/skills/rt-exploit-cloud-gcp/SKILL.md +2 -2
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "rtexit-method",
3
- "version": "0.1.23",
3
+ "version": "0.1.24",
4
4
  "description": "RTExit - AI-assisted Red Team methodology installer",
5
5
  "license": "MIT",
6
6
  "author": "Exit Code",
package/packaged-assets/.agents/skills/rt-exploit-cloud-aws/SKILL.md CHANGED
@@ -1,6 +1,6 @@
1
1
  ---
2
2
  name: rt-exploit-cloud-aws
3
- description: "AWS Red Team exploitation skill. Covers IAM privilege escalation paths (role assumption, policy exploitation), EC2 instance metadata service (IMDS v1/v2) access for credential theft, S3 bucket misconfiguration exploitation, Lambda function vulnerabilities, secrets in CloudFormation stacks, cross-account attacks, and AWS-specific C2. Tools: Pacu, ScoutSuite, aws-cli, CloudFox."
3
+ description: "AWS Red Team exploitation skill. Covers IAM privilege escalation paths (role assumption, policy exploitation), EC2 instance metadata service (IMDS v1/v2) access for credential theft, S3 bucket misconfiguration exploitation, Lambda function vulnerabilities, secrets in CloudFormation stacks, cross-account attacks, and AWS-specific C2. Tools: Pacu, aws-cli, CloudFox, prowler, enumerate-iam, awswhoami. Note: ScoutSuite requires separate Docker image (Python 3.13 conflict)."
4
4
  ---
5
5
 
6
6
  # rt-exploit-cloud-aws — AWS Red Team Exploitation
@@ -67,9 +67,15 @@ python pacu.py
67
67
 
68
68
  ### 2.3 ScoutSuite (Multi-Cloud Auditing)
69
69
 
70
+ > ⚠️ **Note:** ScoutSuite has Python 3.13 dependency conflicts. Run via Docker instead:
71
+
70
72
  ```bash
71
- pip3 install scoutsuite
72
- scout aws --profile target --report-dir ./scoutsuite-report
73
+ # Option A: Run ScoutSuite via its own Docker image
74
+ docker run -it --rm -v ~/.aws:/root/.aws rossja/ncc-scoutsuite \
75
+ scout aws --profile target --report-dir /tmp/scoutsuite-report
76
+
77
+ # Option B: Use prowler as alternative (installed in rtexit-kali)
78
+ prowler aws -f us-east-1 --output-directory ./prowler-report
73
79
  ```
74
80
 
75
81
  ### 2.4 CloudFox (Cloud Privilege Escalation Discovery)
package/packaged-assets/.agents/skills/rt-exploit-cloud-gcp/SKILL.md CHANGED
@@ -68,8 +68,8 @@ sudo ln -s /opt/cloudfox/cloudfox /usr/local/bin/cloudfox
68
68
  # GCP IAM Privilege Escalation scripts (Rhino Security Labs)
69
69
  git clone https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation.git /opt/gcp-privesc
70
70
 
71
- # ScoutSuite — multi-cloud auditing (useful for gap analysis)
72
- pip3 install scoutsuite
71
+ # ScoutSuite — run via Docker (Python 3.13 conflict in rtexit-kali)
72
+ # docker run -it --rm rossja/ncc-scoutsuite scout gcp --project <project-id>
73
73
 
74
74
  # gcp_scanner — Google's own attack surface scanner
75
75
  pip3 install gcp-scanner