/Cloud-pentest

Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud

Cloud-pentest

Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud

Serial No Topic Link
1 Basics https://www.tutorialspoint.com/amazon_web_services/index.htm
2 Instance creation https://github.com/awsdocs/amazon-ec2-user-guide/blob/master/doc_source/EC2_GetStarted.md https://github.com/awsdocs/amazon-ec2-user-guide/blob/master/doc_source/concepts.md
3 Storage https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-dg.pdf https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html https://docs.aws.amazon.com/storagegateway/latest/userguide/storagegateway-ug.pdf https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AmazonCloudFront_DevGuide.pdf
4 Database https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/dynamodb-dg.pdf https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-ug.pdf https://docs.aws.amazon.com/redshift/latest/dg/redshift-dg.pdf
5 Networking https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ug.pdf https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/route53-dg.pdf https://docs.aws.amazon.com/directconnect/latest/UserGuide/dc-ug.pdf
6 Workspaces https://docs.aws.amazon.com/workspaces/latest/adminguide/workspaces-ag.pdf
7 Lambda https://docs.aws.amazon.com/lambda/latest/dg/lambda-dg.pdf
8 Full Guide https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-ug.pdf
9 Vulnerability scanning https://securityftw.github.io/
10 Penetration testing https://github.com/dagrz/aws_pwn https://github.com/toniblyx/my-arsenal-of-aws-security-tools#offensive https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20AWS%20Pentest.md#aws---shadow-admin https://github.com/toniblyx/my-arsenal-of-aws-security-tools#continuous-security-auditing https://github.com/zricethezav/gitleaks https://github.com/RhinoSecurityLabs/pacu https://github.com/elitest/Redboto https://github.com/jordanpotti/AWSBucketDump https://github.com/RhinoSecurityLabs/Security-Research/tree/master/tools/aws-pentest-tools https://github.com/mxm0z/awesome-sec-s3 https://github.com/nagwww/s3-leaks https://owasp.org/www-chapter-pune/Pentesting_AWS_by_Anand_Varia.pdf https://gracefulsecurity.com/an-introduction-to-penetration-testing-aws-same-same-but-different/
11 Compliance CIS security benchmark check for AMI instances
CIS security benchmark check for IAM instances
IAM user and access management best practices check
Logging best practices check
Networking best practices check
Monitoring best practices check
AWS Code build review for secret leaks (https://github.com/RhinoSecurityLabs/cloudgoat/blob/master/scenarios/codebuild_secrets/README.md)
AWS Lambda environment best practices(https://github.com/OWASP/Serverless-Goat/blob/master/LESSONS.md) Lesson 3
Dynamo DB configuration best practices
Third party packages vulnerability check
VPC best practices
EBS best practices
EC2 metadata best practices
ECR best practices
EKS best practices
ELB best practices
12 Source code review https://github.com/RhinoSecurityLabs/cloudgoat/blob/master/scenarios/codebuild_secrets/README.md
13 Kubernetes https://docs.aws.amazon.com/eks/latest/userguide/eks-ug.pdf
14 Container https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-dg.pdf




Serial No Topic Link
1 Basics https://intellipaat.com/blog/what-is-google-cloud/ https://github.com/gregsramblings/google-cloud-4-words https://www.linkedin.com/pulse/google-cloud-jumpstart-tutorials-community-david-das-neves/
2 Instance Creation https://intellipaat.com/blog/what-is-google-cloud/ https://raw.githubusercontent.com/isb-cgc/readthedocs/master/docs/include/intro_to_Console.pdf https://cloud.google.com/compute/docs/concepts https://github.com/cs231n/gcloud
3 Storage https://cloud.google.com/storage/docs/how-to https://cloud.google.com/storage/archival https://cloud.google.com/products/data-transfer https://cloud.google.com/storage/docs https://cloud.google.com/filestore/docs https://cloud.google.com/local-ssd https://cloud.google.com/persistent-disk
4 Networking https://cloud.google.com/vpc/docs/vpc https://cloud.google.com/nat/docs https://cloud.google.com/load-balancing/docs https://cloud.google.com/dns/docs https://cloud.google.com/cdn/docs https://cloud.google.com/domains/docs
5 Database https://cloud.google.com/sql/docs https://cloud.google.com/spanner/docs https://firebase.google.com/docs/database https://cloud.google.com/bigtable/docs https://cloud.google.com/firestore/docs
6 Bare metal https://cloud.google.com/bare-metal/docs
7 Google Kubernetes Engine https://cloud.google.com/kubernetes-engine/docs
8 Containers https://cloud.google.com/compute/docs/containers
9 Vulnerabilty scanning https://forsetisecurity.org/
10 Penetration testing https://six2dez.gitbook.io/pentest-book/enumeration/cloud/gcp https://github.com/RhinoSecurityLabs/GCPBucketBrute https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/GCP.md

Serial No Topic Link
1 Basics https://www.tutorialspoint.com/microsoft_azure/index.htm https://docs.microsoft.com/en-us/learn/paths/az-900-describe-cloud-concepts/
2 Instance Creation https://docs.microsoft.com/en-us/learn/paths/azure-administrator-manage-compute-resources/ https://docs.microsoft.com/en-us/learn/modules/azure-compute-fundamentals/ https://docs.microsoft.com/en-us/learn/modules/create-windows-virtual-machine-in-azure/ https://docs.microsoft.com/en-us/learn/modules/intro-to-azure-virtual-machines/ https://docs.microsoft.com/en-us/learn/modules/manage-users-and-groups-in-aad/
3 Storage https://docs.microsoft.com/en-us/learn/modules/azure-storage-fundamentals/
4 Networking https://docs.microsoft.com/en-us/learn/modules/azure-networking-fundamentals/ https://docs.microsoft.com/en-us/learn/modules/manage-users-and-groups-in-aad/ https://docs.microsoft.com/learn/modules/connect-on-premises-network-with-vpn-gateway/
5 Database https://docs.microsoft.com/en-us/learn/modules/azure-database-fundamentals/
6 Network security https://docs.microsoft.com/en-us/learn/paths/az-900-describe-general-security-network-security-features/
7 System Secuirty https://docs.microsoft.com/en-us/learn/modules/protect-against-security-threats-azure/
8 Active directory Managment https://docs.microsoft.com/en-us/learn/modules/manage-users-and-groups-in-aad/ https://docs.microsoft.com/en-us/learn/modules/manage-users-and-groups-in-aad/
9 Docker containers https://docs.microsoft.com/learn/modules/intro-to-docker-containers/ https://docs.microsoft.com/learn/paths/administer-containers-in-azure/
10 Kubernetes https://docs.microsoft.com/learn/modules/connect-on-premises-network-with-vpn-gateway/
11 Pentesting https://amp.kitploit.com/2020/04/roadtools-azure-ad-exploration-framework.html?amp=1&m=1 https://blog.xpnsec.com/azuread-connect-for-redteam/ https://blogvaronis2.wpengine.com/azure-skeleton-key/ https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html https://dirkjanm.io/introducing-roadtools-and-roadrecon-azure-ad-exploration-framework/ https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training/blob/master/README.md https://drive.google.com/file/d/1FPW5PbMzcHL-rRGSX4lewX3auQlAi-ix/view?usp=sharing https://drive.google.com/file/d/1O_LFQj0nHAXDvCNFWsiCEyLUpDqi-T5l/view?usp=sharing https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20Azure%20Pentest.md https://github.com/mattrotlevi/lava https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/Azure.md https://github.com/NetSPI/MicroBurst https://attack.mitre.org/matrices/enterprise/cloud/azure/ https://book.hacktricks.xyz/cloud-security-review
12 Vulnerability Scanning https://github.com/NextSecurity/azucar
13 Best practices https://github.com/AZ-500-PREP/Audit-and-Remediate

Name Link
Terra Goat https://github.com/bridgecrewio/terragoat
CS Suite https://securityftw.github.io/
Collection https://github.com/4ndersonLin/awesome-cloud-security
Talk by BlackHillsInfosec https://www.blackhillsinfosec.com/wp-content/uploads/2020/05/Breaching-the-Cloud-Perimeter-Slides.pdf