Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Hands-On AWS Penetration Testing with Kali Linux Set up a virtual lab and pentest major AWS services, including EC2, S3, Lambda, and CloudFormation

Product type Paperback

Published in Apr 2019

Publisher Packt

ISBN-13 9781789136722

Length 508 pages

Edition 1st Edition

Tools

AWS

Concepts

Penetration Testing

Authors (2):

Benjamin Caudill

Karl Gilbert Gupta

View More author details

Table of Contents (28) Chapters

Preface

1. Section 1: Kali Linux on AWS FREE CHAPTER

2. Setting Up a Pentesting Lab on AWS

3. Setting Up a Kali PentestBox on the Cloud

4. Exploitation on the Cloud using Kali Linux

5. Section 2: Pentesting AWS Elastic Compute Cloud Configuring and Securing

6. Setting Up Your First EC2 Instances

7. Penetration Testing of EC2 Instances using Kali Linux

8. Elastic Block Stores and Snapshots - Retrieving Deleted Data

9. Section 3: Pentesting AWS Simple Storage Service Configuring and Securing

10. Reconnaissance - Identifying Vulnerable S3 Buckets

11. Exploiting Permissive S3 Buckets for Fun and Profit

12. Section 4: AWS Identity Access Management Configuring and Securing

13. Identity Access Management on AWS

14. Privilege Escalation of AWS Accounts Using Stolen Keys, Boto3, and Pacu

15. Using Boto3 and Pacu to Maintain AWS Persistence

16. Section 5: Penetration Testing on Other AWS Services

17. Security and Pentesting of AWS Lambda

18. Pentesting and Securing AWS RDS

19. Targeting Other Services

20. Section 6: Attacking AWS Logging and Security Services

21. Pentesting CloudTrail

22. GuardDuty

23. Section 7: Leveraging AWS Pentesting Tools for Real-World Attacks

24. Using Scout Suite for AWS Security Auditing

25. Using Pacu for AWS Pentesting

26. Putting it All Together - Real - World AWS Pentesting

27. Other Books You May Enjoy

Leave a review - let other readers know what you think

An introduction to GuardDuty and its findings

GuardDuty is a continuous monitoring service offered by AWS that identifies and alerts about suspicious or unwanted behavior within an account. There are currently three data sources that it analyzes, which are virtual private cloud (VPC) flow logs, CloudTrail event logs, and domain name system (DNS) logs. Note that VPC flow logging and CloudTrail event logging do not need to be enabled on your account for GuardDuty to use them, and there is currently no way to review DNS logs in AWS. This means that even if there are no flow logs active in the environment and CloudTrail is disabled, GuardDuty will still generate findings from VPC flow logs, CloudTrail event logs, and DNS logs.

It is also important to note that GuardDuty can only ingest DNS logs if the requests are routed through AWS DNS resolvers, which is the default for EC2 instances...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Karl Gilbert Gupta

Karl Gilbert is a security researcher who has contributed to the security of some widely used open-source software. His primary interests relate to vulnerability research, 0-days, cloud security, secure DevOps, and CI/CD.

See other products by Karl Gilbert Gupta

Benjamin Caudill

Benjamin Caudill is a security researcher and founder of pentesting firm Rhino Security Labs. Built on 10+ years of offensive security experience, Benjamin directed the company with research and development as its foundation, into a key resource for high-needs clients. Benjamin has also been a major contributor to AWS security research. With co-researcher Spencer Gietzen, the two have developed Pacu (the AWS exploitation framework) and identified dozens of new attack vectors in cloud architecture. Both GCP and Azure research are expected throughout 2019. As a regular contributor to the security industry, Benjamin been featured on CNN, Wired, Washington Post, and other major media outlets.

See other products by Benjamin Caudill