- 330 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
AWS Penetration Testing
About This Book
Get to grips with security assessment, vulnerability exploitation, workload security, and encryption with this guide to ethical hacking and learn to secure your AWS environmentKey Featuresā¢ Perform cybersecurity events such as red or blue team activities and functional testingā¢ Gain an overview and understanding of AWS penetration testing and securityā¢ Make the most of your AWS cloud infrastructure by learning about AWS fundamentals and exploring pentesting best practicesBook DescriptionCloud security has always been treated as the highest priority by AWS while designing a robust cloud infrastructure. AWS has now extended its support to allow users and security experts to perform penetration tests on its environment. This has not only revealed a number of loopholes and brought vulnerable points in their existing system to the fore, but has also opened up opportunities for organizations to build a secure cloud environment. This book teaches you how to perform penetration tests in a controlled AWS environment. You'll begin by performing security assessments of major AWS resources such as Amazon EC2 instances, Amazon S3, Amazon API Gateway, and AWS Lambda. Throughout the course of this book, you'll also learn about specific tests such as exploiting applications, testing permissions flaws, and discovering weak policies. Moving on, you'll discover how to establish private-cloud access through backdoor Lambda functions. As you advance, you'll explore the no-go areas where users can't make changes due to vendor restrictions and find out how you can avoid being flagged to AWS in these cases. Finally, this book will take you through tips and tricks for securing your cloud environment in a professional way. By the end of this penetration testing book, you'll have become well-versed in a variety of ethical hacking techniques for securing your AWS environment against modern cyber threats.What you will learnā¢ Set up your AWS account and get well-versed in various pentesting servicesā¢ Delve into a variety of cloud pentesting tools and methodologiesā¢ Discover how to exploit vulnerabilities in both AWS and applicationsā¢ Understand the legality of pentesting and learn how to stay in scopeā¢ Explore cloud pentesting best practices, tips, and tricksā¢ Become competent at using tools such as Kali Linux, Metasploit, and Nmapā¢ Get to grips with post-exploitation procedures and find out how to write pentesting reportsWho this book is forIf you are a network engineer, system administrator, or system operator looking to secure your AWS environment against external cyberattacks, then this book is for you. Ethical hackers, penetration testers, and security consultants who want to enhance their cloud security skills will also find this book useful. No prior experience in penetration testing is required; however, some understanding of cloud computing or AWS cloud is recommended.
Frequently asked questions
Information
Section 1: Setting Up AWS and Pentesting Environments
- Chapter 1, Building Your AWS Environment
- Chapter 2, Pentesting and Ethical Hacking
Chapter 1: Building Your AWS Environment
- Exploring Amazon Web Services
- Understanding the testing environment
- Configuring the environment
- Exploring vulnerable services
- Attacking vulnerabilities
- The AWS Command Line Interface
Technical requirements
- A browser of your choice (Chrome, Firefox, Edge)
- PuTTY: https://www.chiark.greenend.org.uk/~sgtatham/putty/ (installation steps are covered in the Connecting with PuTTY section).
Exploring Amazon Web Services (AWS)
AWS security and penetration testing
Understanding our testing environment
Configuring your environment
Setting up an account
- Please open a br...
Table of contents
- AWS Penetration Testing
- Why subscribe?
- Preface
- Section 1: Setting Up AWS and Pentesting Environments
- Chapter 1: Building Your AWS Environment
- Chapter 2: Pentesting and Ethical Hacking
- Section 2: Pentesting the Cloud ā Exploiting AWS
- Chapter 3: Exploring Pentesting and AWS
- Chapter 4: Exploiting S3 Buckets
- Chapter 5: Understanding Vulnerable RDS Services
- Chapter 6: Setting Up and Pentesting AWS Aurora RDS
- Chapter 7: Assessing and Pentesting Lambda Services
- Chapter 8: Assessing AWS API Gateway
- Chapter 9: Real-Life Pentesting with Metasploit and More!
- Section 3: Lessons Learned ā Report Writing, Staying within Scope, and Continued Learning
- Chapter 10: Pentesting Best Practices
- Chapter 11: Staying Out of Trouble
- Chapter 12: Other Projects with AWS
- Other Books You May Enjoy