Cloud pen testing focuses on cloud-specific misconfigurations: IAM privilege escalation, public S3 buckets, SSRF to the metadata service, Lambda function exploitation, exposed APIs, and storage misconfigurations.
AWS pen test rules: most testing is permitted, but some services require AWS approval (DDoS testing, Route 53 infrastructure). ScoutSuite and Prowler assess cloud security posture. Pacu is the AWS exploitation framework. Cloud environments often have IAM misconfigurations that don't exist in traditional networks, so know the cloud-specific attack paths.