Identifying entry points on AWS

Research Articles

  • AWS Lambda
  • AWS Inspector Network Reachability can find some of this as well.
  • AWS Penetration Testing with Kali (Boto3 and Pacu)
    • https://learning.oreilly.com/library/view/hands-on-aws-penetration/9781789136722/b333e411-e173-4bbd-8954-85f8a1ede9b2.xhtml
    • Using Boto3 and Pacu to Maintain AWS Persistence
    • https://subscription.packtpub.com/book/virtualization_and_cloud/9781789136722/11
    • https://learning.oreilly.com/library/view/hands-on-aws-penetration/9781789136722/7ba97c2d-2afb-4b15-9912-b5841ddeb325.xhtml
    • https://subscription.packtpub.com/book/virtualization_and_cloud/9781789136722/10/ch10lvl1sec70/using-the-boto3-library-for-reconnaissance
    • https://medium.com/cloud-security/aws-iam-role-profiles-with-boto3-a1ce1e8c27b3
  • AWS Policy evaluation
    • https://policysim.aws.amazon.com/home/index.jsp?#
    • https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow
  • Hide Kali linux and Boto from AWS GuardDuty
    • https://www.thesubtlety.com/post/patching-boto3-useragent/
  • Hacking with AWS Lambda and Python
    • https://www.rackspace.com/en-au/blog/the-devnull-s3-bucket-hacking-with-aws-lambda-and-python
  • Bypassing GuardDuty Pentesting
    • https://www.linkedin.com/pulse/bypass-guardduty-pentest-alerts-nick-frichette/
  • Enumerating Lambda functions for Pentesting
    • https://riyazwalikar.github.io/pentestawslambda/#/4/2
    • http://blog.blueinfy.com/2018/07/enmerating-lambda-functions-for.html

Terraform

  • https://github.com/bridgecrewio/checkov
  • https://github.com/tfsec/tfsec
  • https://github.com/accurics/terrascan
  • https://github.com/terraform-linters/tflint

Known AWS breaches

AWS – easy to get started, changes daily, difficult to secure, and harder still to know whether you are “doing it right”. AWS has 1000s of APIs; are you confident they are all secure? Have a good night’s sleep.

AWS innovates really quickly. We send out a lot of new features that continually change the game in terms of how a central security team can approach security, monitor security, or author their permissions. Keeping up with all of this game-changing information is really, really hard. I follow Twitter and the What’s New announcements for up-to-date information, and of course the AWS Security Blog.

  • Capital One
  • Uber
    • GitHub repo misconfig
  • Tesla
    • Unsecured IT admin console
  • Dow Jones
    • S3 bucket misconfig
  • WWE

Tools

AWS Digital Forensic Analysis
