Breaking and Pwning Apps and Servers on AWS and Azure Logo

Breaking and Pwning Apps and Servers on AWS and Azure

0
Free
Visit Website

Amazon Web Services (AWS) and Azure run the most popular and used cloud infrastructure and boutique of services. There is a need for security testers, Cloud/IT admins and people tasked with the role of DevSecOps to learn on how to effectively attack and test their cloud infrastructure. In this tools and techniques based training we cover attack approaches, creating your attack arsenal in the cloud. This training is designed to help you learn how to test and attack cloud infrastructure, including AWS and Azure, using various tools and techniques. The training includes: * Hands-on labs and exercises to help you practice your skills * Real-world scenarios and case studies to help you understand how to apply your skills in real-world situations * A comprehensive guide to cloud security testing and penetration testing This training is perfect for anyone who wants to learn how to test and attack cloud infrastructure, including security testers, Cloud/IT admins, and people tasked with the role of DevSecOps.

FEATURES

ALTERNATIVES

A security tool to identify interesting files in AWS S3 buckets

Implements a cloud version of the Shadow Copy attack against domain controllers in AWS, allowing theft of domain user hashes.

Find exposed AWS cloud assets that you did not know you had.

A Python script to test the security of AWS S3 buckets

A tool for discovering company infrastructure and apps on major cloud providers, beneficial for bug bounty hunters and penetration testers.

A security toolkit for Amazon S3

S3Scanner scans for misconfigured S3 buckets across S3-compatible APIs, identifying potential security vulnerabilities and data exposure risks.

Zeus is a powerful tool for AWS EC2 / S3 / CloudTrail / CloudWatch / KMS best hardening practices with a focus on Identity and Access Management.