Although we have used Pacu throughout this book, this chapter will take the approach of discussing Pacu from the ground up. Ideally, at the end of this chapter, you should understand and be able to utilize the majority of Pacu's offered functionality. That means that you'll be able to take advantage of some of the more advanced features of Pacu and can contribute your own modules and research to the project.

In this chapter, we'll dive deeper into the AWS exploitation toolkit, Pacu, where we will develop an understanding of the following points:

• What Pacu is, why it is important, and how to set it up
• The commands that are offered by Pacu and how we can use them for our benefit
• How we can automate our own tasks and add them to Pacu as a module
• A short introduction into PacuProxy and its purpose

For anything in the pentesting field, it is helpful to automate things as much as possible, where possible. This allows us to perform attacks and enumeration of an environment without requiring the manual work of running multiple AWS command-line interface (CLI) commands over and over again across different environments. This kind of toolage allows us to save time, allowing us more time to spend on the manual aspect of our testing process. Sometimes these tools are involved and complicated though, and a thorough understanding of the tool and its target are required to utilize it to its full potential. That's why this chapter was written, to help you get a better understanding of what Pacu has to offer and how you can best take advantage of those offerings.