red shadow - Lightspin AWS Vulnerability Scanner
https://reconshell.com/red-shadow-lightspin-aws-vulnerability-scanner/
#PrivilegeEscalation #exploit #Exploitation #AWS
#Vulnerability #Scanner
Got an S3 bucket but don't know who the owner is?
Use the command below to check the bucket owner:
aws s3api get-bucket-acl --bucket bucket-name
#bugbountytip #bugbountytips #infosec #AWS
ScoutSuite
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.
# https://github.com/nccgroup/ScoutSuite
# https://github.com/nccgroup/sadcloud
#aws #azure #gcp #auditing #tool
Arsenal of AWS Security Tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
https://github.com/toniblyx/my-arsenal-of-aws-security-tools
#aws #security #benchmarks #blueteam
Password Hash Cracking in AWS
https://www.sans.org/blog/password-hash-cracking-amazon-web-services/
#aws #cuda #hashcat
Free Labs to Learn Cloud Penetration Testing
https://flaws.cloud/
https://flaws2.cloud/
https://github.com/OWASP/Serverless-Goat
https://n0j.github.io/2017/10/02/aws-s3-ctf.html
https://github.com/torque59/AWS-Vulnerable-Lambda
https://github.com/wickett/lambhack
https://github.com/BishopFox/iam-vulnerable
https://github.com/RhinoSecurityLabs/cloudgoat
https://github.com/appsecco/attacking-cloudgoat2
https://github.com/m6a-UdS/dvca
https://github.com/OWASP/DVSA
https://github.com/nccgroup/sadcloud
#cloud #aws #pentest
AWS IAM explained for RedTeam & BlueTeam
https://infosecwriteups.com/aws-iam-explained-for-red-and-blue-teams-2dda8b20fbf7
#aws #iam #redteam #blueteam
S3Scanner
Scan for open S3 buckets and dump the contents
Features:
— Multi-threaded scanning
— Supports tons of S3-compatible APIs
— Scans all bucket permissions to find misconfigurations
— Dump bucket contents to a local folder
— Docker support
https://github.com/sa7mon/S3Scanner
#aws #s3 #bucket #scanner
DNS Abuse & Misconfiguration
The History of DNS Vulnerabilities and the Cloud
https://unit42.paloaltonetworks.com/dns-vulnerabilities/
Dangling Domains: Security Threats, Detection and Prevalence
https://unit42.paloaltonetworks.com/dangling-domains/
Fishing the AWS IP Pool for Dangling Domains
https://bishopfox.com/blog/fishing-the-aws-ip-pool-for-dangling-domains
Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target
https://thehackerblog.com/respect-my-authority-hijacking-broken-nameservers-to-compromise-your-target/
The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean
https://thehackerblog.com/the-orphaned-internet-taking-over-120k-domains-via-a-dns-vulnerability-in-aws-google-cloud-rackspace-and-digital-ocean/
The .io Error – Taking Control of All .io Domains With a Targeted Registration
https://thehackerblog.com/the-io-error-taking-control-of-all-io-domains-with-a-targeted-registration/
The International Incident – Gaining Control of a .int Domain Name With DNS Trickery
https://thehackerblog.com/the-international-incident-gaining-control-of-a-int-domain-name-with-dns-trickery/
Hostile Subdomain Takeover using Heroku/Github/Desk + more
https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/
Dangling DNS: Amazon EC2 IPs
https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
Eliminating Dangling Elastic IP Takeovers with Ghostbuster
https://blog.assetnote.io/2022/02/13/dangling-eips/
Internet-Wide Analysis of Subdomain Takeovers
https://redhuntlabs.com/blog/project-resonance-wave-1.html
Subdomain Takeover
https://0xpatrik.com/subdomain-takeover-basics/
https://0xpatrik.com/subdomain-takeover-candidates/
https://0xpatrik.com/takeover-proofs/
https://0xpatrik.com/subdomain-takeover-ns/
https://0xpatrik.com/subdomain-takeover/
#dns #abuse #aws #elastic #subdomain #takeover
🦊 CloudFox
On Tuesday, security firm BishopFox open-sourced a new security tool named CloudFox, which can find exploitable attack paths in cloud infrastructure.
Blog:
https://bishopfox.com/blog/introducing-cloudfox
Tool:
https://github.com/BishopFox/cloudfox
#cloud #aws #pentest #tools
If you’re looking for a powerful tool to help you bypass Web Application Firewalls (WAFs) during external penetration tests and bug bounty programs, you’re in the right place. The Gigaproxy tool is designed to rotate IPs using mitmproxy, AWS API Gateway, and Lambda. Fireprox is great but has one major downside: you can only target a single host at a time. Gigaproxy solves this.
🔗 Research:
https://www.sprocketsecurity.com/resources/gigaproxy
🔗 Source:
https://github.com/Sprocket-Security/gigaproxy
#ip #rotate #aws #api #gateway #proxy