Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jeremylaratro/cloud_pentesting_overview

Cloud Pentesting Resource Collection
https://github.com/jeremylaratro/cloud_pentesting_overview

aws cloud cloudsecurity pentesting security

Last synced: 4 days ago
JSON representation

Cloud Pentesting Resource Collection

Host: GitHub
URL: https://github.com/jeremylaratro/cloud_pentesting_overview
Owner: jeremylaratro
Created: 2023-05-20T04:56:16.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-01-10T22:21:59.000Z (12 months ago)
Last Synced: 2024-01-10T23:39:55.567Z (12 months ago)
Topics: aws, cloud, cloudsecurity, pentesting, security
Homepage:
Size: 107 KB
Stars: 2
Watchers: 1
Forks: 2
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# Cloud Pentesting: Resource and Lab Collection

Personal compilation of cloud-related pentesting/cloud security links and resources. Feel free to add.

## Overview
> Common Technologies

Some of the many cloud providers.
- AWS
- GCP
- Azure
- Kubernetes
- IBM
- Digital Ocean

-----

## Resources
> Repos, links, etc

#### Cheatsheets and Compilations
> A compilation of compilations

https://github.com/dafthack/CloudPentestCheatsheets

https://github.com/TROUBLE-1/Cloud-Pentesting

https://github.com/vengatesh-nagarajan/Cloud-pentest

https://github.com/kh4sh3i/cloud-penetration-testing

#### General Resources
> Other general, non-technology specific resources

https://pentestbook.six2dez.com/enumeration/cloud

https://cloud.hacktricks.xyz/welcome/readme

https://bishopfox.com/blog/cloud-pen-testing-tools

https://medium.com/@mancusomjm/aws-azure-google-cloud-penetration-testing-resources-ca4b2bf1a4a6

https://github.com/jassics/security-study-plan

#### General Labs
> Cloud lab platform with multiple providers

https://pwnedlabs.io/

-----

## Technology Specifics
> Resources, tools, and labs for specific cloud providers

### AWS
> Resources, Tools, and Labs

- #### AWS: Resources

https://pentestbook.six2dez.com/enumeration/cloud/aws

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20AWS%20Pentest.md

https://www.hackthebox.com/blog/aws-pentesting-guide

https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-cloud-need-know/

https://infosecwriteups.com/deep-dive-into-aws-penetration-testing-a99192a26898

https://cybertalents.com/blog/aws-penetration-testing-what-you-need-to-know

https://github.com/pop3ret/AWSome-Pentesting/blob/main/AWSome-Pentesting-Cheatsheet.md

https://github.com/CyberSecArmy/AWS-Offensive-Exploitation---Pentesting

https://github.com/rootcathacking/cloudcat/blob/main/aws_cli.md

https://github.com/NickTheSecurityDude/AWS-Pentesting-Notes

https://github.com/0xdeadpool/AWS-Essentails-for-Pentest

- #### AWS: Tools

https://github.com/sebastian-mora/AWS-Loot

https://github.com/DavidDikker/endgame

https://github.com/gwen001/s3-buckets-finder

https://github.com/Ebryx/S3Rec0n

https://github.com/RhinoSecurityLabs/pacu

https://github.com/BishopFox/cloudfox

https://github.com/carnal0wnage/weirdAAL

https://github.com/ajinabraham/aws_security_tools

- #### AWS: Labs

https://cloud.hacktricks.xyz/pentesting-cloud/aws-security

https://github.com/juanjoSanz/aws-pentesting-lab

https://github.com/torque59/AWS-Vulnerable-Lambda

https://github.com/stafordtituss/HazProne

https://gainsec.com/2020/08/03/complete-cloudgoat-setup-guide/

https://github.com/applied-network-security/aws-pentesting-lab

https://github.com/marcosValle/auto-pentest-lab

>- Major topics to know:
- IAM Policies
- S3 Buckets
- EC2 Instances
- lambda functions & API endpoints
- VPC
- Group and Managed policies

- Find ssh keys --> use 'aws s3 cp' to get ssh key
- SSRF
- RCE
- instance-profile-attachment
- have low or insufficient privileges, but this permission - can create a new EC2 instance with higher privileges than can be further exploited

- #### Setting up your first AWS lab - a high level overview:
- Make AWS account
- Go to IAM and create a user or users and group(s) with the proper permissions/policies - depends on the lab, but for cloudgoat these work: (AdministratorAccess, AmazonRDSFullAccess, IAMFullAccess, AmazonS3FullAccess, CloudWatchFullAccess, AmazonDynamoDBFullAcces)
- Go to S3 and ensure you can create buckets
- configure your AWS account locally with the aws cli, using the account ID, secret, and region that you obtained when creatng the IAM roles
- It may be necessary to enable ACLs, which can be done through the S3 bucket permissions

-----

### Azure
> Resources, Tools, and Labs

#### Azure: Resources

https://pentestbook.six2dez.com/enumeration/cloud/azure

https://github.com/CMEPW/azure-mindmap

https://cloud.hacktricks.xyz/pentesting-cloud/azure-security

https://github.com/Kyuu-Ji/Awesome-Azure-Pentest

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20Azure%20Pentest.md

https://www.cobalt.io/blog/azure-ad-pentesting-fundamentals

https://www.getastra.com/blog/security-audit/azure-penetration-testing/

https://github.com/mburrough/pentestingazureapps

https://github.com/badchars/AzureAD-Pentest

https://github.com/sabrinalupsan/pentesting-azure-ad

- #### Azure: Tools

https://github.com/ZephrFish/AzureAttackKit

https://github.com/AlteredSecurity/365-Stealer

https://github.com/optionalCTF/SSOh-No

https://github.com/CasperGN/MFASweep.py

https://github.com/nyxgeek/onedrive_user_enum

- #### Azure: Labs

https://github.com/esell/azure-sec-lab

https://github.com/uc-cyberclub/azure-pentesting-lab-tf

>- Things to look for
- Blobs
- AFR
- Leaked Tokens/Credentials
- Authentication and password attacks - spraying oauth

-----

### Google Cloud
> Resources

- #### GCP: Resources
https://pentestbook.six2dez.com/enumeration/cloud/gcp

https://cloud.hacktricks.xyz/pentesting-cloud/gcp-security

-----

>Kubernetes
> Resources, Labs, Tools

- #### Kubernetes: Resources
https://cloud.hacktricks.xyz/pentesting-cloud/kubernetes-security

https://pentestbook.six2dez.com/enumeration/cloud/docker-and-and-kubernetes

https://github.com/SunWeb3Sec/Kubernetes-security

https://github.com/jarvarbin/Kubernetes-Pentesting

https://github.com/magnologan/awesome-k8s-security

https://hannahsuarez.github.io/2019/pentesting-kubernetes/

https://gitlab.com/pentest-tools/PayloadsAllTheThings/-/tree/master/Kubernetes

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1

https://lobuhisec.medium.com/kubernetes-pentest-recon-checklist-tools-and-resources-30d8e4b69463

https://hacktricks.boitatech.com.br/pentesting/pentesting-kubernetes

https://securitycafe.ro/2023/02/27/a-complete-kubernetes-config-review-methodology/

https://github.com/ksoclabs/awesome-kubernetes-security

https://github.com/g3rzi/HackingKubernetes

https://reconshell.com/kubernetes-security-checklist/
-These two are more about configuration but, gotta know how to build to know how to break it

https://reconshell.com/kubernetes-security-checklist/

- #### Kubernetes - Tools

https://github.com/madhuakula/hacker-container

https://github.com/quarkslab/kdigger

https://github.com/aquasecurity/kube-hunter/

https://github.com/inguardians/peirates

https://github.com/collabnix/kubetools

https://github.com/4ARMED/kubeletmein

https://github.com/cdk-team/CDK

- #### Kubernetes - Labs

https://github.com/madhuakula/kubernetes-goat

https://github.com/nabilblk/k8s-security

> Things to know:
- Clusters
- RBAC
- Service Tokens & Secrets
- Pods
- Endpoints & API
-----

### Practice General Labs & Writeups/Walkthroughs
##### Other/General Labs:
> Lab compilations:

https://github.com/iknowjason/Awesome-CloudSec-Labs

https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training

#### Walkthroughs:

https://github.com/appsecco/attacking-cloudgoat2

https://rhinosecuritylabs.com/aws/cloudgoat-walkthrough-rce_web_app/

https://github.com/appsecco/attacking-cloudgoat2

https://resources.infosecinstitute.com/topic/cloudgoat-walkthrough-series-iam-privilege-escalation-by-attachment/

-----

### Tools
> Other tools that don't quite fit in a specific provider section or are applicable to all/multiple

[awscli](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html)

[terraform](https://developer.hashicorp.com/terraform/downloads?ajs_aid=22a5f626-91e2-47a1-8a12-c55fbd2fa43f&product_intent=terraform)

https://github.com/nccgroup/ScoutSuite

https://github.com/iknowjason/edge

https://github.com/0xsha/CloudBrute

https://github.com/Macmod/STARS

https://github.com/Zeus-Labs/ZeusCloud

https://github.com/rams3sh/Aaia

https://github.com/RhinoSecurityLabs/ccat

https://github.com/404tk/cloudtoolkit

https://github.com/lord-alfred/ipranges

#### Cloud-Specific Frameworks
> C2 framework

https://github.com/gl4ssesbo1/Nebula

----