April 2019
Intermediate to advanced
508 pages
11h 57m
English
Lambda is another extremely common and extremely fruitful service to look at, just as we saw in the Lambda pentesting chapter.
The first thing we will want to do is enumerate Lambda functions in our target account with the lambda__enum Pacu module. We can run it without any arguments, like this:
run lambda__enum
When this is complete, we can then run data Lambda to review the function data that was enumerated. To start the review process, we should cycle through each function and look at the environment variables associated with it to try and find some sensitive data/values that might be useful in our attack.
After checking out environment variables for interesting data, if we found anything, such as if ...
Read now
Unlock full access