AWS Penetration Testing
Beginner's guide to hacking AWS with tools such as Kali Linux, Metasploit, and Nmap
Published on 4. December 2020
Book
Paperback/Softback
330 pages
978-1-83921-692-3 (ISBN)
Description
Get to grips with security assessment, vulnerability exploitation, workload security, and encryption with this guide to ethical hacking and learn to secure your AWS environment
Key Features
Book DescriptionCloud security has always been treated as the highest priority by AWS while designing a robust cloud infrastructure. AWS has now extended its support to allow users and security experts to perform penetration tests on its environment. This has not only revealed a number of loopholes and brought vulnerable points in their existing system to the fore, but has also opened up opportunities for organizations to build a secure cloud environment. This book teaches you how to perform penetration tests in a controlled AWS environment.
You'll begin by performing security assessments of major AWS resources such as Amazon EC2 instances, Amazon S3, Amazon API Gateway, and AWS Lambda. Throughout the course of this book, you'll also learn about specific tests such as exploiting applications, testing permissions flaws, and discovering weak policies. Moving on, you'll discover how to establish private-cloud access through backdoor Lambda functions. As you advance, you'll explore the no-go areas where users can't make changes due to vendor restrictions and find out how you can avoid being flagged to AWS in these cases. Finally, this book will take you through tips and tricks for securing your cloud environment in a professional way.
By the end of this penetration testing book, you'll have become well-versed in a variety of ethical hacking techniques for securing your AWS environment against modern cyber threats.What you will learn
Set up your AWS account and get well-versed in various pentesting services
Delve into a variety of cloud pentesting tools and methodologies
Discover how to exploit vulnerabilities in both AWS and applications
Understand the legality of pentesting and learn how to stay in scope
Explore cloud pentesting best practices, tips, and tricks
Become competent at using tools such as Kali Linux, Metasploit, and Nmap
Get to grips with post-exploitation procedures and find out how to write pentesting reports
Who this book is forIf you are a network engineer, system administrator, or system operator looking to secure your AWS environment against external cyberattacks, then this book is for you. Ethical hackers, penetration testers, and security consultants who want to enhance their cloud security skills will also find this book useful. No prior experience in penetration testing is required; however, some understanding of cloud computing or AWS cloud is recommended.
Key Features
Book DescriptionCloud security has always been treated as the highest priority by AWS while designing a robust cloud infrastructure. AWS has now extended its support to allow users and security experts to perform penetration tests on its environment. This has not only revealed a number of loopholes and brought vulnerable points in their existing system to the fore, but has also opened up opportunities for organizations to build a secure cloud environment. This book teaches you how to perform penetration tests in a controlled AWS environment.
You'll begin by performing security assessments of major AWS resources such as Amazon EC2 instances, Amazon S3, Amazon API Gateway, and AWS Lambda. Throughout the course of this book, you'll also learn about specific tests such as exploiting applications, testing permissions flaws, and discovering weak policies. Moving on, you'll discover how to establish private-cloud access through backdoor Lambda functions. As you advance, you'll explore the no-go areas where users can't make changes due to vendor restrictions and find out how you can avoid being flagged to AWS in these cases. Finally, this book will take you through tips and tricks for securing your cloud environment in a professional way.
By the end of this penetration testing book, you'll have become well-versed in a variety of ethical hacking techniques for securing your AWS environment against modern cyber threats.What you will learn
Set up your AWS account and get well-versed in various pentesting services
Delve into a variety of cloud pentesting tools and methodologies
Discover how to exploit vulnerabilities in both AWS and applications
Understand the legality of pentesting and learn how to stay in scope
Explore cloud pentesting best practices, tips, and tricks
Become competent at using tools such as Kali Linux, Metasploit, and Nmap
Get to grips with post-exploitation procedures and find out how to write pentesting reports
Who this book is forIf you are a network engineer, system administrator, or system operator looking to secure your AWS environment against external cyberattacks, then this book is for you. Ethical hackers, penetration testers, and security consultants who want to enhance their cloud security skills will also find this book useful. No prior experience in penetration testing is required; however, some understanding of cloud computing or AWS cloud is recommended.
More details
Language
English
Place of publication
Birmingham
United Kingdom
Target group
Professional and scholarly
US School Grade: College Graduate Student
Dimensions
Height: 235 mm
Width: 191 mm
Thickness: 18 mm
Weight
618 gr
ISBN-13
978-1-83921-692-3 (9781839216923)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Jonathan Helmus
AWS Penetration Testing
Beginner's guide to hacking AWS with tools such as Kali Linux, Metasploit, and Nmap
E-Book
09/2024
Packt Publishing
€29.49
Available for download
Person
Jonathan Helmus ("Moos1e") is a penetration tester and professor with over 10 years of experience in engineering, information security, and information technology. Jon resides in a small town right outside Seattle, Washington, where he and his family raise alpacas on their mini farm. Currently, Jon works as a freelance educator teaching topics such as pentesting, red teaming, cloud security, and vulnerability exploitation. He also works as a contract pentester and cloud security professional for clients all around the world.
Content
Table of Contents
Building Your AWS Environment
Pentesting and Ethical Hacking
Exploring Pentesting and AWS
Exploiting S3 Buckets
Understanding Vulnerable RDS Services
Setting Up and Pentesting AWS Aurora RDS
Assessing and Pentesting Lambda Services
Assessing AWS API Gateway
Real-Life Pentesting with Metasploit and More!
Pentesting Best Practices
Staying Out of Trouble
Other Projects with AWS
Building Your AWS Environment
Pentesting and Ethical Hacking
Exploring Pentesting and AWS
Exploiting S3 Buckets
Understanding Vulnerable RDS Services
Setting Up and Pentesting AWS Aurora RDS
Assessing and Pentesting Lambda Services
Assessing AWS API Gateway
Real-Life Pentesting with Metasploit and More!
Pentesting Best Practices
Staying Out of Trouble
Other Projects with AWS