Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Penetration Testing
  • Table Of Contents Toc
Cloud Penetration Testing

Cloud Penetration Testing

By : Kim Crawley
4 (11)
Buy this Book
close
close
Cloud Penetration Testing

Cloud Penetration Testing

4 (11)
By: Kim Crawley
Buy this Book

Overview of this book

With AWS, Azure, and GCP gaining prominence, understanding their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you’ll explore the intricacies of cloud security testing and gain valuable insights into how pentesters evaluate cloud environments effectively. In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set. By the end of this cloud security book, you’ll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments.
Table of Contents (20 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Code in Action
Icon
Conventions used
Icon
Get in touch
Icon
Share your thoughts
Icon
Download a free PDF copy of this book
Lock Free Chapter
1
Part 1: Today’s Cloud Networks and Their Security Implications
Icon
Part 1: Today’s Cloud Networks and Their Security Implications
2
Chapter 1: How Do Enterprises Utilize and Implement Cloud Networks?
Icon
Chapter 1: How Do Enterprises Utilize and Implement Cloud Networks?
Icon
Cloud networks today
Icon
Hybrid cloud, all-cloud, and multi-cloud networks
Icon
Why an organization would have a multi-cloud network
Icon
The cloud migration process
Icon
Security responsibilities in the cloud
Icon
The difference between IaaS, PaaS, and SaaS
Icon
Summary
Icon
Further reading
3
Chapter 2: How Are Cloud Networks Cyber Attacked?
Icon
Chapter 2: How Are Cloud Networks Cyber Attacked?
Icon
Understanding penetration testing
Icon
External and internal attacks
Icon
Attacks on the confidentiality, integrity, and availability of cloud data
Icon
Understanding lateral movement in the cloud
Icon
Zero-trust networks
Icon
Summary
Icon
Further reading
4
Chapter 3: Key Concepts for Pentesting Today’s Cloud Networks
Icon
Chapter 3: Key Concepts for Pentesting Today’s Cloud Networks
Icon
Cloud platform policies, benchmark checks, and services enumeration
Icon
Exposed services, permissions, and integrations
Icon
CVE, CVSS, and vulnerabilities
Icon
Purple teaming and writing pentest reports
Icon
Summary
Icon
Further reading
5
Part 2: Pentesting AWS
Icon
Part 2: Pentesting AWS
6
Chapter 4: Security Features in AWS
Icon
Chapter 4: Security Features in AWS
Icon
Introduction to AWS
Icon
Frequently used AWS SaaS features
Icon
AWS IaaS features
Icon
AWS PaaS features
Icon
AWS security controls and tools
Icon
Summary
Icon
Further reading
7
Chapter 5: Pentesting AWS Features through Serverless Applications and Tools
Icon
Chapter 5: Pentesting AWS Features through Serverless Applications and Tools
Icon
Technical requirements
Icon
How to get an AWS network
Icon
Using AWS PowerShell and the AWS CLI
Icon
Exploring AWS-native security tools
Icon
Installing and preparing AWS pentesting tools
Icon
Exploiting AWS applications
Icon
Summary
Icon
Further reading
8
Chapter 6: Pentesting Containerized Applications in AWS
Icon
Chapter 6: Pentesting Containerized Applications in AWS
Icon
Technical requirements
Icon
How containerization works
Icon
How Docker works in AWS
Icon
How Kubernetes works in AWS
Icon
Docker and Kubernetes pentesting techniques in AWS
Icon
Summary
Icon
Further reading
9
Part 3: Pentesting Microsoft Azure
chevron up
Icon
Part 3: Pentesting Microsoft Azure
10
Chapter 7: Security Features in Azure
Icon
Chapter 7: Security Features in Azure
Icon
Introduction to Azure
Icon
Frequently used Azure SaaS applications
Icon
Azure IaaS applications
Icon
Azure PaaS applications
Icon
Azure security controls and tools
Icon
Summary
Icon
Further reading
11
Chapter 8: Pentesting Azure Features through Serverless Applications and Tools
Icon
Chapter 8: Pentesting Azure Features through Serverless Applications and Tools
Icon
Technical requirements
Icon
Setting up an Azure instance
Icon
Setting up an Azure account
Icon
Using Azure Cloud Shell and PowerShell
Icon
Azure native security tools
Icon
Azure pentesting tools
Icon
Exploiting Azure applications
Icon
Summary
Icon
Further reading
12
Chapter 9: Pentesting Containerized Applications in Azure
Icon
Chapter 9: Pentesting Containerized Applications in Azure
Icon
Technical requirements
Icon
How containerization works
Icon
Docker and Kubernetes pentesting techniques in Azure
Icon
Summary
Icon
Further reading
13
Part 4: Pentesting GCP
Icon
Part 4: Pentesting GCP
14
Chapter 10: Security Features in GCP
Icon
Chapter 10: Security Features in GCP
Icon
Introduction to GCP
Icon
Frequently used GCP SaaS applications
Icon
GCP IaaS services
Icon
GCP PaaS services
Icon
GCP security controls and tools
Icon
Summary
Icon
Further reading
15
Chapter 11: Pentesting GCP Features through Serverless Applications and Tools
Icon
Chapter 11: Pentesting GCP Features through Serverless Applications and Tools
Icon
Technical requirements
Icon
GCP free tier
Icon
Launching a GCP network
Icon
Using GCP Cloud Shell
Icon
GCP native security tools
Icon
Installing GCP pentesting tools
Icon
Exploiting GCP applications
Icon
Summary
Icon
Further reading
16
Chapter 12: Pentesting Containerized Applications in GCP
Icon
Chapter 12: Pentesting Containerized Applications in GCP
Icon
Technical requirements
Icon
How containerization works
Icon
How Docker works in GCP
Icon
How Kubernetes works in GCP
Icon
Docker and Kubernetes pentesting techniques in GCP
Icon
Summary
Icon
Further reading
17
Chapter 13: Best Practices and Summary
Icon
Chapter 13: Best Practices and Summary
Icon
Content review
Icon
Your cloud pentesting toolkit
Icon
Cloud and pentester certifications
Icon
Pentesting contracts
Icon
Pentest reports
Icon
Summary
Icon
Further reading
18
Index
Icon
Index
Icon
Why subscribe?
19
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share your thoughts
Icon
Download a free PDF copy of this book

Part 3:Pentesting Microsoft Azure

Azure is Microsoft’s own cloud platform, and it’s been popular with businesses of all kinds for over 15 years. In this part, we will learn about Azure’s various software-as-a-service, platform-as-a-service, and infrastructure-as-a-service applications. We will deploy our own Azure instance in which to test our pentesting skills. We will use Microsoft Defender for Cloud to check the security posture of our Azure deployment. We will also try out some pentesting tools in Azure, step by step. Then, we’ll deploy Docker and Kubernetes containers and test those as well.

This section has the following chapters:

  • Chapter 7, Security Features in Azure
  • Chapter 8, Pentesting Azure Features through Serverless Applications and Tools
  • Chapter 9, Pentesting Containerized Applications in Azure
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Cloud Penetration Testing
End of Chapter 9
Next Chapter
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon