AWS Cloud Pentesting

Once AWS keys are obtained the first step you have to take is to understand which priviledges they have

• If you have access to IAM, simply list the privileges for the various roles
• if not, bruteforce the privileges for the various roles

Storage and static hosting

s3 Bucket

AWS CodeBuild

AWS CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy

Serverless

Lamda Function

AWS GLOBAL ACCELERATOR

AWS Global Accelerator is a service that uses edge locations to look for the optimal pathway from your users to your applications. AWS Global Accelerator optimizes the route, improves the application’s performance, enhances availability, and simplifies the management of IP addresses, providing a robust solution for global applications

AWS CLOUDFRONT

Amazon CloudFront is a Content Delivery Network (CDN) like Cloudflare and Akamai. CloudFront is used to deliver static assets (such as videos, images, and files) securely to various devices around the globe with low latency by caching and serving them from a location nearby.

References: https://gist.github.com/jhaddix/8cece26c91c6263653f31ba453e273b

https://secops.group/the-anatomy-of-aws-misconfigurations-how-to-stay-safe/

https://account.vulnmachines.com/user/missions/boxes?uuid=f5a54ce5-74d1-4923-a6fd-f9b3b8bf9a32