Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/CyberSecurityUP/Awesome-Cloud-PenTest


https://github.com/CyberSecurityUP/Awesome-Cloud-PenTest

List: Awesome-Cloud-PenTest

Last synced: 21 days ago
JSON representation

Awesome Lists containing this project

README

        

# Awesome-Cloud-PenTest

## Cloud PenTest - AWS and Azure by Joas

## What is AWS

- https://docs.aws.amazon.com/

- https://github.com/awsdocs

## Extras Resources

- https://github.com/enaqx/awesome-pentest

- https://www.sans.org/cyber-security-courses/cloud-penetration-testing/

- https://www.udemy.com/course/cloud-hacking/

- https://aws.amazon.com/pt/security/penetration-testing/

- https://cloudacademy.com/course/aws-security-fundamentals/introduction-74/

- https://cobalt.io/blog/what-you-need-to-know-about-aws-pentesting

- https://gracefulsecurity.com/an-introduction-to-penetration-testing-aws-same-same-but-different/

- https://www.virtuesecurity.com/aws-penetration-testing-part-2-s3-iam-ec2/

- https://securityboulevard.com/2021/03/aws-penetration-testing-essential-guidance-for-2021/

- https://www.darkskope.com/aws-penetration-testing

- https://bootcamps.pentesteracademy.com/certifications

- https://docs.microsoft.com/pt-br/azure/security/fundamentals/pen-testing

- https://www.youtube.com/watch?v=lOhvIooWzOg

- https://gbhackers.com/cloud-computing-penetration-testing-checklist-important-considerations/

- https://www.linkedin.com/pulse/cloud-computing-penetration-testing-checklist-priya-james-ceh-1/

- https://www.happiestminds.com/blogs/tag/penetration-testing-checklist/

- https://blog.rsisecurity.com/how-to-conduct-cloud-penetration-testing/

- https://www.nettitude.com/uk/penetration-testing/cloud-service-testing/

- https://techbeacon.com/enterprise-it/pen-testing-cloud-based-apps-step-step-guide

- https://book.hacktricks.xyz/cloud-security/cloud-security-review

- https://medium.com/@jonathanchelmus/cloud-pentesting-for-noobs-da867d9c5ecb

- https://pt.slideshare.net/TeriRadichel/are-you-ready-for-a-cloud-pentest

- https://www.blackhillsinfosec.com/tag/pentest/

- https://www.youtube.com/watch?v=aqumgrSBDM4

- My ebook: https://drive.google.com/file/d/14rthHtAgbd--pWEmzmj4i5j59Rl6dLC1/view?usp=sharing

- https://hackerassociate.com/training-and-certification/ocpt-offensive-cloud-penetration-testing/

- https://ine.com/pages/cloudpentesting

- https://hausec.com/2020/01/31/attacking-azure-azure-ad-and-introducing-powerzure/

- https://gracefulsecurity.com/an-introduction-to-pentesting-azure/

- https://rhinosecuritylabs.com/cloud-security/common-azure-security-vulnerabilities/

## My Social Networks

- https://www.linkedin.com/in/joas-antonio-dos-santos

- https://twitter.com/C0d3Cr4zy

## What is Azure

- https://docs.microsoft.com/pt-br/azure/?product=featured

- https://github.com/MicrosoftDocs/azure-docs

## PenTest Policy

- https://docs.microsoft.com/en-us/azure/security/fundamentals/pen-testing

- https://www.microsoft.com/en-us/msrc/pentest-rules-of-engagement?rtc=1

- https://aws.amazon.com/pt/security/penetration-testing/

- https://msrc.microsoft.com/en-us/engage/pentest

## PenTest in AWS

- Offensive Security

- https://github.com/carnal0wnage/weirdAAL
- https://github.com/RhinoSecurityLabs/pacu
- https://github.com/disruptops/cred_scanner
- https://github.com/dagrz/aws_pwn
- https://github.com/MindPointGroup/cloudfrunt
- https://github.com/prevade/cloudjack
- https://github.com/andresriancho/nimbostratus
- https://github.com/zricethezav/gitleaks
- https://github.com/dxa4481/truffleHog
- https://github.com/securing/DumpsterDiver
- https://github.com/gruntwork-io/cloud-nuke
- https://github.com/ThreatResponse/mad-king
- https://github.com/mozilla/MozDef
- https://github.com/puresec/lambda-proxy
- https://github.com/Static-Flow/CloudCopy
- https://github.com/andresriancho/enumerate-iam
- https://github.com/Voulnet/barq
- https://github.com/RhinoSecurityLabs/ccat
- https://github.com/bishopfox/dufflebag
- https://github.com/splunk/attack_range
- https://github.com/elitest/Redboto
- https://github.com/Skyscanner/whispers
- https://github.com/0xsha/cloudbrute
- https://github.com/Parasimpaticki/sandcastle
- https://github.com/smiegles/mass3
- https://github.com/koenrh/s3enum
- https://github.com/tomdev/teh_s3_bucketeers
- https://github.com/eth0izzle/bucket-stream
- https://github.com/gwen001/s3-buckets-finder
- https://github.com/aaparmeggiani/s3find
- https://github.com/random-robbie/slurp
- https://github.com/clario-tech/s3-inspector
- https://github.com/pbnj/s3-fuzzer
- https://github.com/jordanpotti/AWSBucketDump
- https://github.com/bear/s3scan
- https://github.com/sa7mon/S3Scanner
- https://github.com/magisterquis/s3finder
- https://github.com/abhn/S3Scan
- https://github.com/whitfin/s3-meta
- https://github.com/whitfin/s3-meta
- https://github.com/vr00n/Amazon-Web-Shenanigans
- https://github.com/FishermansEnemy/bucket_finder
- https://github.com/brianwarehime/inSp3ctor
- https://github.com/Atticuss/bucketcat
- https://github.com/nahamsec/lazys3
- https://github.com/Ucnt/aws-s3-data-finder
- https://github.com/securing/BucketScanner
- https://github.com/VirtueSecurity/aws-extender-cli
- https://github.com/cr0hn/festin
- https://github.com/kurmiashish/S3Insights
- https://github.com/nccgroup/s3_objects_check
- https://github.com/toniblyx/my-arsenal-of-aws-security-tools
- https://rhinosecuritylabs.com/aws/aws-essentials-top-5-tests-penetration-testing-aws/
- https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
- https://github.com/eth0izzle/shhgit
- https://www.getastra.com/blog/security-audit/aws-penetration-testing/
- https://owasp.org/www-pdf-archive/Aws_security_joel_leino.pdf
- https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-cloud-need-know/
- https://github.com/PacktPublishing/Hands-On-AWS-Penetration-Testing-with-Kali-Linux
- https://github.com/lamkeysing92/aws-pentest-inventory
- https://github.com/dagrz/aws_pwn
- https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training

## AWS Security

- Defensive: Hardening, Security Assessment and Inventory

- https://github.com/nccgroup/ScoutSuite
- https://github.com/toniblyx/prowler
- https://github.com/cloudsploit/scans
- https://github.com/duo-labs/cloudmapper
- https://github.com/duo-labs/cloudtracker
- https://github.com/awslabs/aws-security-benchmark
- https://github.com/arkadiyt/aws_public_ips
- https://github.com/nccgroup/PMapper
- https://github.com/nccgroup/aws-inventory
- https://github.com/disruptops/resource-counter
- https://github.com/Teevity/ice
- https://github.com/cyberark/SkyArk
- https://github.com/willbengtson/trailblazer-aws
- https://github.com/lateralblast/lunar
- https://github.com/tensult/cloud-reports
- https://github.com/tmobile/pacbot
- https://github.com/SecurityFTW/cs-suite
- https://github.com/te-papa/aws-key-disabler
- https://github.com/turnerlabs/antiope
- https://github.com/lyft/cartography
- https://github.com/mlabouardy/komiser
- https://github.com/darkarnium/perimeterator
- https://github.com/DenizParlak/Zeus
- https://github.com/darkbitio/aws-recon
- https://github.com/mhlabs/iam-policies-cli
- https://github.com/toniblyx/my-arsenal-of-aws-security-tools
- https://github.com/jassics/awesome-aws-security

- https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-cis.html

## PenTest in Azure

- Enumeration

- o365creeper - Enumerate valid email addresses
- CloudBrute - Tool to find a cloud infrastructure of a company on top Cloud providers
- cloud_enum - Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud
- Azucar - Security auditing tool for Azure environments
- CrowdStrike Reporting Tool for Azure (CRT) - Query Azure AD/O365 tenants for hard to find permissions and configuration settings
- ScoutSuite - Multi-cloud security auditing tool. Security posture assessment of different cloud environments.
- BlobHunter - A tool for scanning Azure blob storage accounts for publicly opened blobs
- Grayhat Warfare - Open Azure blobs and AWS bucket search

- Information Gathering

- o365recon - Information gathering with valid credentials to Azure
- Get-MsolRolesAndMembers.ps1 - Retrieve list of roles and associated role members
- ROADtools - Framework to interact with Azure AD
- PowerZure - PowerShell framework to assess Azure security
- Azurite - Enumeration and reconnaissance activities in the Microsoft Azure Cloud
- Sparrow.ps1 - Helps to detect possible compromised accounts and applications in the Azure/M365 environment
- Hawk - Powershell based tool for gathering information related to O365 intrusions and potential breaches
- Microsoft Azure AD Assessment - Tooling for assessing an Azure AD tenant state and configuration

- Lateral Movement

- Stormspotter - Azure Red Team tool for graphing Azure and Azure Active Directory objects
- AzureADLateralMovement - Lateral Movement graph for Azure Active Directory
- SkyArk - Discover, assess and secure the most privileged entities in Azure and AWS

- Exploitation

- MicroBurst - A collection of scripts for assessing Microsoft Azure security
- azuread_decrypt_msol_v2.ps1 - Decrypt Azure AD MSOL service account
- Credential Attacks

- MSOLSpray - A password spraying tool for Microsoft Online accounts (Azure/O365)
- MFASweep - A tool for checking if MFA is enabled on multiple Microsoft Services Resources
- adconnectdump - Dump Azure AD Connect credentials for Azure AD and Active Directory

- Abusing Azure AD SSO with the Primary Refresh Token

- Abusing dynamic groups in Azure AD for Privilege Escalation

- Attacking Azure, Azure AD, and Introducing PowerZure

- Attacking Azure & Azure AD, Part II

- Azure AD Connect for Red Teamers

- Azure AD Introduction for Red Teamers

- Azure AD Pass The Certificate

- Azure AD privilege escalation - Taking over default application permissions as Application Admin

- Defense and Detection for Attacks Within Azure

- Hunting Azure Admins for Vertical Escalation

- Impersonating Office 365 Users With Mimikatz

- Lateral Movement from Azure to On-Prem AD

- Malicious Azure AD Application Registrations

- Moving laterally between Azure AD joined machines

- CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory

- Privilege Escalation Vulnerability in Azure Functions

- Azure Application Proxy C2

- Recovering Plaintext Passwords from Azure Virtual Machines like It’s the 1990s

- Azure Articles from NetSPI

- Azure Cheat Sheet on CloudSecDocs

- Resources about Azure from Cloudberry Engineering

- Resources from PayloadsAllTheThings

- Encyclopedia on Hacking the Cloud - (No content yet for Azure)

- azure-security-lab - Securing Azure Infrastructure - Hands on Lab Guide

- AzureSecurityLabs - Hands-on Security Labs focused on Azure IaaS Security

- Building Free Active Directory Lab in Azure

- https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20Azure%20Pentest.md

- https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/security/fundamentals/pen-testing.md

- https://github.com/swiftsolves-msft/AzurePenTestScope

## Azure Security

- https://github.com/LennonCMJ/pentest_script/blob/master/Azure_Testing.md

- https://github.com/dafthack/CloudPentestCheatsheets

- https://github.com/mattrotlevi/lava

- https://github.com/Azure/Azure-Security-Center

- https://github.com/kmcquade/awesome-azure-security

- https://github.com/MicrosoftLearning/AZ-500-Azure-Security

- https://github.com/Azure/Azure-Network-Security

- https://github.com/MicrosoftDocs/SecurityBenchmarks

- https://microsoftlearning.github.io/AZ500-AzureSecurityTechnologies/

- https://www.cisecurity.org/benchmark/azure/