You're reading from Cybersecurity Attacks ‚Äì Red Team Strategies A practical guide to building a penetration testing program having homefield advantage

Product type Paperback

Published in Mar 2020

Publisher Packt

ISBN-13 9781838828868

Length 524 pages

Edition 1st Edition

Tools

Neo4j

Concepts

Cybersecurity

Author (1):

Johann Rehberger

View More author details

Table of Contents (17) Chapters

Preface

1. Section 1: Embracing the Red

2. Chapter 1: Establishing an Offensive Security Program FREE CHAPTER

3. Chapter 2: Managing an Offensive Security Team

4. Chapter 3: Measuring an Offensive Security Program

5. Chapter 4: Progressive Red Teaming Operations

6. Section 2: Tactics and Techniques

7. Chapter 5: Situational Awareness – Mapping Out the Homefield Using Graph Databases

8. Chapter 6: Building a Comprehensive Knowledge Graph

9. Chapter 7: Hunting for Credentials

10. Chapter 8: Advanced Credential Hunting

11. Chapter 9: Powerful Automation

12. Chapter 10: Protecting the Pen Tester

13. Chapter 11: Traps, Deceptions, and Honeypots

14. Chapter 12: Blue Team Tactics for the Red Team

15. Assessments

16. Another Book You May Enjoy

Leave a review - let other readers know what you think

Importing cloud assets

Pretty much every cloud provider offers REST API interfaces and command-line tools to query and enumerate information about the resources that exist within a cloud account or subscription.

Let's look at AWS. In case you have never used AWS, here we will briefly introduce you to a few of the cloud concepts. AWS allows us to run virtual machines (and other services) in the cloud, hosted by Amazon. It also offers an Identity and Access Management (IAM) system. IAM can be used to create different users, groups, and policies within an AWS account. This is in order to delegate workflows and isolate permissions and access.

In many ways, it's useful to think of a cloud provider account, such as AWS or Microsoft Azure, as a virtual datacenter. The customer can control who has access to it and what each user can do inside the virtual datacenter.

In this section, we will create an AWS group and user that we will leverage later on to export data.

...