An Amazon Resource Name (ARN) is a unique identifier used in Amazon Web Services (AWS) to specify resources across the AWS ecosystem. ARNs are essential for managing permissions and access control, as they allow users to precisely define which resources they are referring to in their policies and API calls. The structure of an ARN Read More …
Tag: aws
Cloud Penetration Testing for Traditional Hackers | Nick Frichette
An introduction to cloud penetration testing on AWS, tailored for those familiar with traditional web and network penetration testing. It highlights critical areas and potential pitfalls in AWS security, using practical attack scenarios to illustrate key concepts. The discussion covers common vulnerabilities like leaky S3 buckets and misconfigured resource-based policies, emphasizing the importance of securing Read More …
What are the advantages of FASP
The speed increases are achieved by sending larger packets than TCP, not waiting for confirmation that a packet has been received before sending the next one, and only re-sending packets that are confirmed as having been dropped. FASP (Fast and Secure Protocol), used in IBM Aspera, offers significant advantages for cloud data transfer, enabling faster, Read More …
Notes – AWS Systems Manager Session Manager
Session Manager is a fully managed AWS Systems Manager tool. With Session Manager, you can manage EC2 instances, edge devices, on-premises servers, and VMs. You can use either an interactive one-click browser-based shell or the AWS Command Line Interface. Session Manager provides secure node management without the need to open inbound ports, maintain bastion hosts, Read More …
Some fun AWS reads
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources https://www.aquasec.com/blog/bucket-monopoly-breaching-aws-accounts-through-shadow-resources/ Capturing Exposed AWS Keys During Dynamic Web Application Tests https://www.praetorian.com/blog/capturing-exposed-aws-keys-during-dynamic-web-application-tests/ AWS Network Firewall egress filtering can be easily bypassed https://canglad.com/blog/2023/aws-network-firewall-egress-filtering-can-be-easily-bypassed/
AWS Notes – AWS Pentesting
An Opinionated Ramp Up Guide to AWS Pentesting https://awssecuritydigest.com/articles/opinionated-ramp-up-guide-to-aws-pentesting https://medium.com/@MorattiSec/my-aws-pentest-methodology-14c333b7fb58 Understanding the Shared Responsibility Model https://www.wiz.io/academy/shared-responsibility-model fwd:cloudsec https://fwdcloudsec.org/ AWS Customer Support Policy for Penetration Testing https://aws.amazon.com/security/penetration-testing/ Also, read this and follow the AWS pentesting rules. Cloud Tests One is a review of the external facing posture, which you can consider adjacent to a traditional External Read More …