Dangling Domains

Dangling Domains in AWS script for exploitation This was written by dafthack/aws-dangling-domain-discovery-tool.sh but was not working because BING updated its endpoints. Also I added some enhacements to the code. Like the last commented line, with that you can...

HoneyTokens AWS y Azure

AWS Honeytokens, closely related to honeypots, are ‘tripwires’ that you leave on machines and data stores as early warning indications of a breach. Using AWS IAM access keys, we can create nearly limitless honeytokens for attackers to stumble upon – and it’s...

flAWS 2. Capture the flag de AWS en Español

flAWS2 es un capture de flag para enseñar problemas que son específicos de AWS. Hay un flaws1 Link -> http://flaws.cloud/ flaws2 Link -> http://level1.flaws2.cloud/ Nivel 1 Podemos ver que debes mandar un pin code. Pero si mandas una letra se genera un error:...

flAWS. Capture the flag de AWS en Español

flAWS es un capture de flag para enseñar problemas que son específicos de AWS. Link -> http://flaws.cloud/ Nivel 1 Notas: los nombres de S3 son únicos y deben estar acorde al dominio. Se pueden tener sitios estáticos muy eficientes en S3 con cloud. La lógica...

IAM audits AWS

Hay dos herramientas interesantes para checar tu AIM ussage Repokid uses Access Advisor provided by Aardvark to remove permissions granting access to unused services from the inline policies of IAM roles in an AWS account. https://github.com/Netflix/repokid y...

Network mapping AWS

Hace poco trabajé con un cliente y su pregunta principal era si podíamos atacar su nube desde fuera. Yo siempre pensado que lo más importante es tener una buena configuración y visualización de la misma. Es por eso que esta vez voy a hablar de como hacer mapas de tu...

IP a CloudService Script

Check which cloud provider is hosting a particular IP address. Some providers will also have service and region listed Resolves an IP address to the cloud provider it is hosted on https://github.com/oldrho/ip2provider 16 forks. 83 stars. 6 open issues. Recent commits:...

Que puedo hacer con estas AWS keys?

Offensively, WeirdAAL helps you answer the “what can I do with this AWS key”? We aim to answer that question, in a blackbox way, via recon modules and modules specifically dedicated to attack each of the interesting AWS service offerings while avoiding detection. It...

Pacu, Metasploit para AWS

Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current...

IP rotation attacks in Cloud

FireProx Being able to hide or continually rotate the source IP address when making web calls can be difficult or expensive. A number of tools have existed for some time but they were either limited with the number of IP addresses, were expensive, or required...

Prowler: AWS CIS Benchmark Tool

Prowler is a command line tool for AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has 40 additional checks including related to GDPR...