What this book covers
Chapter 1, Building Your AWS Environment, starts with the basics of AWS. AWS is a growing cloud technology provider that many companies are using to house their data. This chapter will help give you an understanding of how basic AWS environments are created, along with coverage of misconfigured services that can be exploited in a contained environment. No knowledge will be needed about AWS, and the chapter will give you everything you need to know about setting up your own AWS environment.
Chapter 2, Pentesting and Ethical Hacking, gets into pentesting itself. Pentesting is beginning to grow in popularity; it's becoming commonplace for companies to have pentests and find out what they don't know about their systems. Pentesting is the practice of discovering and exploiting issues in IT systems that typical scanners don't pick up. This chapter will give you a brief description of what pentesting is and give you hands-on practice with exercises using pentesting tools.
Chapter 3, Exploring Pentesting and AWS, talks tools. The first step in pentesting anything always involves scanning systems and resources. Pentesters use various tools and techniques to ensure that they properly scan systems and enumerate as much information as possible. This chapter will focus on using NMAP and Metasploit to grab information from targets that can be used in further exploitation.
Chapter 4, Exploiting S3 Buckets, covers S3 buckets. S3 buckets are one of the primary resources that AWS uses to hold data. Also known as Simple Storage Service buckets, S3 buckets are great ways to hold objects such as data and metadata. However, much like other file storage solutions, S3 buckets can be easily exploited through simple misconfigurations. These misconfigurations can lead to data leaks and other serious security issues. The chapter will highlight S3 buckets, their functionality, and how to exploit issues with public buckets and misconfigured buckets.
Chapter 5, Understanding Vulnerable RDS Services, explores another AWS vulnerability. Amazon Relational Database Service (RDS) is scalable and makes it easy to set up cloud-based databases that allow users to operate just as they would with a typical database. RDS allows users to interact via services such as MySQL and Amazon Aurora just as a user would in a typical physical database infrastructure. The downfall of RDS is the same as that of regular databases: injection and misconfigurations. This chapter will go over common misconfigurations and how they can lead to possible injection.
Chapter 6, Setting Up and Pentesting AWS Aurora RDS, continues our focus on databases. AWS Aurora provides SQL-like database functionality to AWS accounts with simplicity. Focused on PostgreSQL- and MySQL-like querying, Aurora makes interacting with high-performance storage systems easy for the user. Mistakes with it can have a deadly cost, however, and can lead to data leaks if it's not adequately secured. This chapter is going to discuss the ins and outs of what Aurora has to offer and also take a look at the dangers of SQL injection – a malicious attack against websites that host services such as MySQL.
Chapter 7, Assessing and Pentesting Lambda Services, moves on to Lambda. Lambda allows users to create code that can later respond to events as needed. These events are anything that occurs within the AWS environment – HTTP requests, modifications to S3 buckets, or new EC2 instances being brought up, for instance. This chapter will focus on how vulnerability discovery in Lambda can lead to the exploitation of services and the discovery of internal processes and objects.
Chapter 8, Assessing AWS API Gateway, focuses on API Gateway. AWS API Gateway acts as the gateway to applications hosting data. The data being hosted by these applications varies; however, what does not is the fact that some of the data may be considered attractive to unauthorized personnel. This chapter will discuss what AWS API Gateway is, how to inspect API calls, and how to correct issues by pentesting API calls.
Chapter 9, Real-Life Pentesting with Metasploit and More!, dives into Metasploit. Metasploit is an automated pentesting tool that enables pentesters to exploit with ease. Metasploit offers exploit payloads and has become a popular tool to use to test for common vulnerabilities. Metasploit also comes with the meterpreter shell, which allows pentesters to have reverse connections on the exploit systems. The reverse shell allows pentesters a certain level of control, based on rights, making pivoting and pilfering simple. This chapter will take a realistic look at how you would pentest AWS environments in a real-world setting using Metasploit.
Chapter 10, Pentesting Best Practices, is where we recognize that pentesting is not a one-size-fits-all type of assessment. What applies to one pentest may not apply to another. It's essential to stay on top of trends, hone your skillset, and develop your understanding of what it means to pentest. This chapter will discuss best practices when it comes to maintaining pentesting skills and updating processes, as well as discussing how to keep up with pentesting.
Chapter 11, Staying Out of Trouble, looks at the potential impacts of what you'll be doing. Pentesting can be very intrusive on AWS systems and can also lead to legal issues if not executed correctly. When pentesting AWS, it's crucial to understand what you as a pentester can and cannot do on an AWS system. This chapter will go over the dos and don'ts of pentesting AWS, as well as talking about denial of service, flooding, and the legal impact that those techniques can have on a pentest team.
Chapter 12, Other Projects with AWS, explains that AWS is still reasonably new in the market space but is growing in popularity at a large scale. This growth has caused many security services to create training platforms for companies to test and train in "safe spaces" for AWS pentesting. This chapter will look at various projects that can be integrated to augment your AWS pentesting methods.