Python: Pen Testing AWS

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 1h 49m | 348 MB

Pen testing is a standard technique for on-site systems, but the way testing is carried out in the cloud is different. This course explores the different types of vulnerabilities in the cloud, the techniques used to test cloud deployments, and key open-source tools for testing Amazon Web Services deployments: CloudGoat, the AWS CLI, and the AWS Python Software Development Kit, known as boto3. Instructor Malcolm Shore shows how to set up your test environment and then use Python to enumerate policies, programmatically create users, manage secrets, list EC2 and RDS instances, and more. He also shows how to get a quick summary of the resources in your AWS account with the PATE tool and use other Python-based testing tools such as PACU. The skills you learn in this course will help you test your AWS deployments for the weaknesses that others will exploit and design your own custom scripts for testing.

Table of Contents

1 Using Python to test for cloud deployment weaknesses through pen testing
2 Understanding the CloudGoat testing paradigm
3 Installing CloudGoat
4 Launching CloudGoat scenarios
5 Listing the user policy
6 Gaining privileges by changing policies
7 Exploiting a misconfigured server
8 Closing down a CloudGoat scenario
9 Taking a first look at the Python boto3 AWS library
10 Enumerating policies
11 Adding sessions to your Python scripts
12 What you need to know
13 Checking for guards
14 Managing IAM programmatically
15 Creating users programmatically
16 Managing secrets using Python
17 Listing all EC2 instances
18 Listing all RDS instances
19 Challenge
20 Solution
21 The Python AWS Trace Enumerator
22 Looking inside Pate
23 Understanding AWS
24 Challenge 2
25 Solution 2
26 Looking at a weird Python script
27 The PACU pen testing framework
28 Navigating the PACU console
29 Exploring PACU test modules
30 Account privilege escalation
31 Deploying the ec2 ssrf scenario
32 Pen testing Lambda with PACU
33 Cleaning up your cloud
34 Rules for pen testing AWS
35 What’s next?
36 Setting up an AWS account
37 Provisioning an AWS resource
38 Setting up the Windows Subsystem for Linux
39 AWS Command Line Interface
40 Automating cloud deployments with Terraform