We have already covered the two CloudTrail-related GuardDuty finding types, but there is also a third one under the stealth category: Stealth:IAMUser/PasswordPolicyChange. This will trigger when an accounts password policy is weakened, such as if the minimum password length changes from 15 characters to 8 characters. To avoid this finding, we simply should not touch the password strength requirements within an account that we are attacking.
- Title Page
- Copyright and Credits
- About Packt
- Contributors
- Preface
- Section 1: Kali Linux on AWS
- Setting Up a Pentesting Lab on AWS
- Setting Up a Kali PentestBox on the Cloud
- Exploitation on the Cloud using Kali Linux
- Section 2: Pentesting AWS Elastic Compute Cloud Configuring and Securing
- Setting Up Your First EC2 Instances
- Penetration Testing of EC2 Instances using Kali Linux
- Technical requirements
- Installing a vulnerable service on Windows
- Scanning and reconnaissance using Nmap
- Identifying and fingerprinting open ports and services using Nmap
- Performing an automated vulnerability assessment using Nexpose
- Using Metasploit for automated exploitation
- Using Meterpreter for privilege escalation, pivoting, and persistence
- Summary
- Further reading
- Elastic Block Stores and Snapshots - Retrieving Deleted Data
- Section 3: Pentesting AWS Simple Storage Service Configuring and Securing
- Reconnaissance - Identifying Vulnerable S3 Buckets
- Exploiting Permissive S3 Buckets for Fun and Profit
- Section 4: AWS Identity Access Management Configuring and Securing
- Identity Access Management on AWS
- Privilege Escalation of AWS Accounts Using Stolen Keys, Boto3, and Pacu
- Using Boto3 and Pacu to Maintain AWS Persistence
- Section 5: Penetration Testing on Other AWS Services
- Security and Pentesting of AWS Lambda
- Pentesting and Securing AWS RDS
- Targeting Other Services
- Section 6: Attacking AWS Logging and Security Services
- Pentesting CloudTrail
- GuardDuty
- Section 7: Leveraging AWS Pentesting Tools for Real-World Attacks
- Using Scout Suite for AWS Security Auditing
- Using Pacu for AWS Pentesting
- Pacu history
- Getting started with Pacu
- Pacu commands
- list/ls
- search [[cat]egory] <search term>
- help
- help <module name>
- whoami
- data
- services
- data <service>|proxy
- regions
- update_regions
- set_regions <region> [<region>...]
- run/exec <module name>
- set_keys
- swap_keys
- import_keys <profile name>|--all
- exit/quit/Ctrl + C
- aws <command>
- proxy <command>
- Creating a new module
- An introduction to PacuProxy
- Summary
- Putting it All Together - Real - World AWS Pentesting
- Other Books You May Enjoy
Stealth
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.