by Ric | Apr 9, 2021 | AWS tools, Blog, Cloud
...
by Ric | Apr 8, 2021 | AWS tools, Azure tools, Blog, Cloud
Hoy dí un webinar que aunque esta en ingles quedo muy bien 🙂 On Thursday 8 April, our CTO Ralph Moonen and Senior Security Specialist Ricardo Sanchez organized the webinar: “Security Challenges of a Cloud Migration”. The webinar can be viewed back. Cloud...
by Ric | Oct 18, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
Dangling Domains in AWS script for exploitation This was written by dafthack/aws-dangling-domain-discovery-tool.sh but was not working because BING updated its endpoints. Also I added some enhacements to the code. Like the last commented line, with that you can...
by Ric | Oct 17, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
AWS Honeytokens, closely related to honeypots, are ‘tripwires’ that you leave on machines and data stores as early warning indications of a breach. Using AWS IAM access keys, we can create nearly limitless honeytokens for attackers to stumble upon – and it’s...
by Ric | Sep 30, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
En este link puedes tener acceso a un exámen oficial de preparación para AWS certified security speciality. https://rise.articulate.com/share/AMkmIRlYT4b8xsWXcOYEhqw3H_OMeoSM#/ Igual puedes ver estos videos: https://www.twitch.tv/aws/video/467770461...
by Ric | Sep 7, 2020 | AWS tools, Blog, Cloud
KMS Key management Service es un servicio para crear y controlar encryption keys. Usa HSM (hardware security modules). El tiempo mínimo para borrar una key es 7 días y se programa, no es automático. Una vez se programa para borrar no la puedes usar. Un system admin no...
by Ric | Aug 26, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Code for an intentionally vulnerable Lambda function. You can pass commands with an encoded ; “%3B” Debes poder pasar commandos en el url si los separas con un punto y coma encodeado con html ; “%3B” import json import os import subprocess def...
by Ric | Aug 24, 2020 | AWS tools, Azure tools, Blog, Cloud
Métodos de ataques Empezamos hablando de la diferencia entre On-prem y Cloud. Aplican los mismos ataques pero en diferentes ángulos Hay más espacios para misconfigurations Todos los resources tienen policies para hacer acciones. Osea hackear web te puede dar más...
by Ric | Aug 23, 2020 | AWS tools, Blog, Cloud
flAWS2 es un capture de flag para enseñar problemas que son específicos de AWS. Hay un flaws1 Link -> http://flaws.cloud/ flaws2 Link -> http://level1.flaws2.cloud/ Nivel 1 Podemos ver que debes mandar un pin code. Pero si mandas una letra se genera un error:...
by Ric | Aug 22, 2020 | AWS tools, Blog, Cloud
flAWS es un capture de flag para enseñar problemas que son específicos de AWS. Link -> http://flaws.cloud/ Nivel 1 Notas: los nombres de S3 son únicos y deben estar acorde al dominio. Se pueden tener sitios estáticos muy eficientes en S3 con cloud. La lógica...
by Ric | Aug 21, 2020 | AWS tools, Cloud, Herramientas / tools
Hay dos herramientas interesantes para checar tu AIM ussage Repokid uses Access Advisor provided by Aardvark to remove permissions granting access to unused services from the inline policies of IAM roles in an AWS account. https://github.com/Netflix/repokid y...
by Ric | Aug 20, 2020 | AWS tools, Cloud, Herramientas / tools
Hace poco trabajé con un cliente y su pregunta principal era si podíamos atacar su nube desde fuera. Yo siempre pensado que lo más importante es tener una buena configuración y visualización de la misma. Es por eso que esta vez voy a hablar de como hacer mapas de tu...
by Ric | Aug 15, 2020 | AWS tools, Azure tools, Herramientas / tools
Check which cloud provider is hosting a particular IP address. Some providers will also have service and region listed Resolves an IP address to the cloud provider it is hosted on https://github.com/oldrho/ip2provider 17 forks. 86 stars. 7 open issues. Recent commits:...
by Ric | Aug 14, 2020 | AWS tools, Azure tools, Blog, Cloud, Herramientas / tools
Currently enumerates the following: Amazon Web Services: Open S3 Buckets Protected S3 Buckets awsapps (WorkMail, WorkDocs, Connect, etc.) Microsoft Azure: Storage Accounts Open Blob Storage Containers Hosted Databases Virtual Machines Web Apps Google Cloud Platform...
by Ric | Aug 11, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Offensively, WeirdAAL helps you answer the “what can I do with this AWS key”? We aim to answer that question, in a blackbox way, via recon modules and modules specifically dedicated to attack each of the interesting AWS service offerings while avoiding detection. It...
by Ric | Jul 5, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
CloudGoat is Rhino Security Labs’ “Vulnerable by Design” AWS deployment tool. CloudGoat is Rhino Security Labs’ “Vulnerable by Design” AWS deployment tool. It allows you to hone your cloud cybersecurity skills by creating and...
by Ric | Jul 4, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its functionality. Current...
by Ric | Jul 1, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
FireProx Being able to hide or continually rotate the source IP address when making web calls can be difficult or expensive. A number of tools have existed for some time but they were either limited with the number of IP addresses, were expensive, or required...
by Ric | Jun 30, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Nota: muchas de estas opciones son inseguras. El punto de este video es mostrar que fácil es ejecutar una virtual machine en amazon. Otra nota, puedes ponerle un pihole para hacerlo...
by Ric | Jun 26, 2020 | AWS tools, Cloud, Herramientas / tools
De los creadores de PACU aqui esta un blog que describe las 21 privilege escalation methods que usan: https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/
by Ric | Jun 18, 2020 | AWS tools, Azure tools, Cloud, Herramientas / tools
Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather...
by Ric | May 19, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Este github https://github.com/nagwww/s3-leaks tiene una lista de S3 leaks famosos. Por ejemplo:
by Ric | May 5, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Prowler is a command line tool for AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has 40 additional checks including related to GDPR...
by Ric | Apr 19, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Este es un buscador que te muestra files y buckets de S3 y esta increible. https://buckets.grayhatwarfare.com/ Por ejemplo si buscas Femsa (una de las empresas dueñas de Cocacola en México) puedes ver algunas de sus buckets. ...
by Ric | Mar 12, 2020 | AWS tools, Blog, Cloud, Herramientas / tools
Después de hacer pruebas en AWS puede haberte quedado muchas cosas que al final te pueden costar. Para evitar eso puedes usar una cloud-nuke This repo contains a CLI tool to delete all resources in an AWS account. cloud-nuke was created for situations when you might...