book

AWS Penetration Testing

Name: AWS Penetration Testing
Author: Jonathan Helmus
ISBN: 9781839216923

by Jonathan Helmus

December 2020

Intermediate to advanced

330 pages

6h 48m

English

Packt Publishing

Read now

Unlock full access

AWS Penetration Testing
Why subscribe?ContributorsAbout the authorAbout the reviewerPackt is searching for authors like you
Preface
Who this book is forWhat this book coversTo get the most out of this bookDownload the example code filesCode in ActionDownload the color imagesConventions usedGet in touchReviews
Section 1: Setting Up AWS and Pentesting Environments
Chapter 1: Building Your AWS Environment
Technical requirementsExploring Amazon Web Services (AWS)AWS security and penetration testingUnderstanding our testing environmentConfiguring your environmentSetting up an account Setting up EC2 instances Setting up an EC2 instance with CentOSSetting up a Windows hostAttacker setup – setting up a Kali instanceConnecting with PuTTY Exploring vulnerable servicesDiscovering vulnerable servicesCreating vulnerable servicesAttacking vulnerabilitiesExploring MetasploitThe AWS Command Line Interface (CLI)Installing the AWS CLI Exploring basic AWS CLI commandsSummaryFurther reading
Chapter 2: Pentesting and Ethical Hacking
Technical requirementsWhat is penetration testing?Finding critical issues before the bad guys doPentesting methodologyTypes of pentestingAdvantages and disadvantagesKali LinuxSetting up a Linux imageExploring essential Linux commandsNMAPAWS InspectorMetasploitScriptingOperating systemsLinux/UnixLinux file permissionssudoWindowsGUISummaryFurther reading
Section 2: Pentesting the Cloud – Exploiting AWS
Chapter 3: Exploring Pentesting and AWS
Technical requirementsExploring reconnaissanceDriving enumeration for reconHarvesting email addressesThe WHOIS commandNetcraftEnumerating and understanding AWS servicesS3 buckets and discovering open buckets with web appsLambdaEC2 instancesScanning and examining targets for reconnaissance Metasploit NmapLambdaGuardS3 scanningKnowing the attackerCreating attack paths Organic attack pathsGoal-based attack pathsAWS attack pathsPentesting attack paths Red teaming for businessesDiving into the attacker mindsetDiscovering SSH keysHow the keys workGood hygiene Scanning and connecting to AWSScanning with NmapStarting MetasploitTCP scanning with MetasploitACK scanning with MetasploitRDP scanning with MetasploitConnecting with KaliConnecting with WindowsLearning from experienceSummaryFurther reading
Chapter 4: Exploiting S3 Buckets
Technical requirementsAWS Regions and Availability ZonesAvailability ZonesConnecting and manipulating S3 bucketsUnderstanding S3 bucketsUsing S3 bucketsS3 bucketsQuick detour – making IAM usersCopying and uploading to S3Bucket policies and ACLs Public bucket policiesUnderstanding policy attributesWriting bucket policies for policy bypassingPublic bucketsBucket misconfigurations Scripts to find private bucketsPython scriptingBash scriptingGoal-based pentesting scenariosDiscovering buckets with Grayhat WarfareS3 Burp Suite extensionsCreating a local S3 labSummaryFurther reading
Chapter 5: Understanding Vulnerable RDS Services
Technical requirementsUnderstanding RDSAdvantages of using RDSMySQL AuroraSetting up RDS (MySQL)Adding a rule to the security groupTesting the connection Scanning RDSUnderstanding basic SQL syntaxDatabase maneuvering and explorationDumping hashes with MetasploitCreating RDS databasesUnderstanding misconfigurationsWeak passwordsUnpatched databasesLearning about injection pointsWhat is an injection?How does it work?Why is it an issue?Summary Further reading
Chapter 6: Setting Up and Pentesting AWS Aurora RDS
Technical requirements Understanding and setting up the Aurora RDSSetting up AuroraWhite box/functional pentesting AuroraRecon – scanning for public accessEnumerating the username and passwordSetting up a lab for SQLi Configuring Juice Shop autostartFun with SQLiBypassing the admin loginLogging in as another userPreventing SQLiAvoiding DoSInfrastructure-layer attacksApplication-layer attacksProtection against DDoS in AWSSummaryFurther reading

Chapter 7: Assessing and Pentesting Lambda Services
Technical requirementsUnderstanding and setting up a Lambda serviceCreating a Lambda functionDigging into LambdaCreating a Lambda function that is compatible with S3Understanding misconfigurationsPopping reverse shells with LambdaThe coolness of reverse shellsThe ethical hacking game planInvoking with AWS CLIHaving fun with Metasploit and LambdaSummaryFurther reading
Chapter 8: Assessing AWS API Gateway
Technical requirementsExploring and configuring AWS APIsRESTful APIsWebSocket APIsAn overview of API mapsCreating our first API with AWSGetting started with Burp SuiteConfiguring Burp SuiteInspecting traffic with Burp SuiteDeploying the API gatewayGetting practical with intercepting API callsManipulating API callsFun with altering HTTP methodsSummaryFurther reading
Chapter 9: Real-Life Pentesting with Metasploit and More!
Technical requirementsReal pentesting with Metasploit What is functional testing?In the dark with black-box testingThe pentest pregameRenaming our VPC for clarityUpdating MetasploitTargeting WordPress for exploitationThe scenario - gaining unauthorized access Setting the target with LightsailEnumerating the targetPhishing for credentialsGaining access to WordPressExploiting and getting a reverse shell Discussing the issuesTargeting vulnerable service applications The scenario – discovering and attacking any low-hanging fruitSetting up the target with community AMIs Scanning for open portsInformation gathering for vulnerable servicesUsing Metasploit for total system takeoverPost exploitation and weakening additional servicesReporting the vulnerabilities Exploring AWS Metasploit modules Stealing user credentialsDiscovering EC2 instances in our unknown environmentEnumerating S3 buckets with MetasploitSummaryFurther reading
Section 3: Lessons Learned – Report Writing, Staying within Scope, and Continued Learning
Chapter 10: Pentesting Best Practices
Technical requirementsPentesting methodology for AWSReconnaissanceExploitationPost-exploitationReportingKnowing your pentest and the unknowns of AWS pentestingObtaining AWS credentialsOwners of resourcesCredentials to applications Revealing private and public networksPre-conditioning for the pentestTeam member assignmentsDocumentation preparationContact listAvoiding communication breakdownDaily start and stop emailsMaking use of meetingsAnswering questions short and simpleAchieving security and not obscuritySecurity through obscurityAvoiding obscurity with S3 bucketsPost-pentest – after the pentestPost-pentest meetingReportingSix-month follow-upSummary Further reading
Chapter 11: Staying Out of Trouble
Prohibited activitiesExhausting services via DoSUnderstanding floodingAvoiding legal issues Get-out-of-jail-free cardPotential damage Understanding the data classifications Stress testing Why stress test?Authorized stress testingSummaryFurther reading
Chapter 12: Other Projects with AWS
Technical requirementsUnderstanding the MITRE ATT&CK frameworkUnderstanding TTPs with AWS matrixes Discovering MITRE ATT&CK Navigator Taking the bait with phishingExecuting phishing with AWS SummaryFurther reading
Other Books You May Enjoy
Leave a review - let other readers know what you think

Overview

AWS Penetration Testing is a practical guide designed to help security professionals and ethical hackers learn how to test and secure AWS environments. By learning penetration testing methodologies and techniques, you will gain the skills to identify vulnerabilities in AWS services, protect your cloud infrastructure, and comply with best practices.

What this Book will help me do

Understand and set up AWS penetration testing services and environments.
Gain expertise in using tools like Metasploit and Nmap for ethical hacking on AWS.
Learn exploitation techniques for AWS services like Lambda, EC2, and S3.
Master the art of writing thorough penetration testing reports and documentation.
Discover best practices for securing AWS environments against cyber threats.

Author(s)

Jonathan Helmus is a seasoned security professional with years of experience in penetration testing and cloud security. With a focus on AWS technologies, he brings in-depth expertise and practical knowledge to his writing. Jonathan's approachable and hands-on methodology ensures readers grasp complex tools and techniques effectively.

Who is it for?

This book is ideal for network engineers, system operators, and IT security professionals who wish to enhance their skills in AWS security and penetration testing. Suitable for beginners, it requires no prior penetration testing experience, only a basic understanding of cloud services. It serves both as a learning tool and a practical guide for real-world scenarios.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781839216923

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills