April 2019
Intermediate to advanced
508 pages
11h 57m
English
Simple Storage Service (S3) buckets are one of the most popular attack surfaces for AWS infrastructures, and they're the most prone to hacking attacks.
This chapter explains the concept of AWS S3 buckets, what they're used for, and how to set them up and access them. However, the main focus for this chapter is on the various S3 bucket permissions, the different ways of identifying poorly configured or permissive buckets, as well as connecting to these buckets. Finally, we will focus on automated approaches to identifying vulnerable S3 buckets in multiple regions based on domain and subdomain names, and probing their permissions to find potentially vulnerable buckets.
In this chapter, we will ...
Read now
Unlock full access