Using LocalStack for a CTF

Hi!
I’m working on a CTF (capture-the-flag) scenario in which I want to explore AWS privilege escalation methods. For these purposes, I tried to find a way to emulate AWS services, especially IAM permissions, policies and roles. At first glance, LocalStack seemed to provide this functionality even in the community edition, however upon testing it out I figured that the Enforce_IAM feature is locked behind the PRO subscription, which is a huge overshoot for a simple CTF scenario in terms of pricing. Is it really so and would you consider making the feature available in the public edition? LocalStack could be an amazing way to implement this type of red-team scenario, but without the IAM authorization it is impossible to utilize its potential :frowning:

Hi — If you are using LocalStack for personal, non-commercial purposes, please consider signing up for our Hobby Plan on our application — LocalStack

The Hobby Plan should give you access to:

I hope this helps!

@HarshCasper Thanks for a quick reply! Sorry, but I only see the Pro, Team and Enterprise Plans. May you point me to the Hobby plan and how I can access it? Thanks!

Here you go:
