Cloud Penetration Testing for Red Teamers Learn How to Effectively Pentest AWS, Azure, and GCP Applications

Get to grips with cloud exploits, learn the fundamentals of cloud security, and secure your organization's network by pentesting AWS, Azure, and GCP effectively Key Features Discover how enterprises use AWS, Azure, and GCP as well as the applications and services unique to each platform Underst...

Descripción completa

Detalles Bibliográficos
Otros Autores:	Crawley, Kim, author (author)
Formato:	Libro electrónico
Idioma:	Inglés
Publicado:	Birmingham, England : Packt Publishing Ltd [2023]
Edición:	First edition
Materias:	Cloud computing > Security measures. Cloud computing > Testing. Computer security.
Ver en Biblioteca Universitat Ramon Llull:	https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009785406906719

Tabla de Contenidos:

Cover
Title Page
Copyright
Dedication
Contributors
Table of Contents
Preface
Part 1: Today's Cloud Networks and Their Security Implications
Chapter 1: How Do Enterprises Utilize and Implement Cloud Networks?
Cloud networks today
Hybrid cloud, all-cloud, and multi-cloud networks
All-cloud networks
Hybrid cloud networks
Multi-cloud networks
Why an organization would have a multi-cloud network
The cloud migration process
Security responsibilities in the cloud
AWS
Azure
GCP
The difference between IaaS, PaaS, and SaaS
Summary
Further reading
Chapter 2: How Are Cloud Networks Cyber Attacked?
Understanding penetration testing
External and internal attacks
External cyberattacks
Internal cyberattacks
Attacks on the confidentiality, integrity, and availability of cloud data
Confidentiality
Integrity
Availability
Understanding lateral movement in the cloud
Exploitation of remote services
Internal spearphishing
Lateral tool transfer
Remote service session hijacking
Software deployment tools
Tainted shared content
Zero-trust networks
Summary
Further reading
Chapter 3: Key Concepts for Pentesting Today's Cloud Networks
Cloud platform policies, benchmark checks, and services enumeration
Exposed services, permissions, and integrations
Exposed services
Permissions
Cloud integration
CVE, CVSS, and vulnerabilities
Vulnerabilities
The MITRE database
How do vulnerabilities get recorded in the CVE database?
Purple teaming and writing pentest reports
Purple teaming
Writing pentest reports
Summary
Further reading
Part 2: Pentesting AWS
Chapter 4: Security Features in AWS
Introduction to AWS
Frequently used AWS SaaS features
AWS IaaS features
Compute services
Storage services.
AWS PaaS features
AWS security controls and tools
Security controls
Security tools
Summary
Further reading
Chapter 5: Pentesting AWS Features through Serverless Applications and Tools
Technical requirements
How to get an AWS network
Using AWS PowerShell and the AWS CLI
Bash commands
PowerShell commands
Exploring AWS-native security tools
AWS Security Hub
Amazon Inspector
Installing and preparing AWS pentesting tools
Prowler
Pacu
Cred Scanner
CloudFrunt
Redboto
Exploiting AWS applications
Prowler
Pacu
Summary
Further reading
Chapter 6: Pentesting Containerized Applications in AWS
Technical requirements
How containerization works
How Docker works in AWS
Installing a Docker cluster in AWS with Amazon ECS
Deploying Docker with Docker Desktop
How Kubernetes works in AWS
Docker and Kubernetes pentesting techniques in AWS
Installation in Docker
Installation in Kubernetes
Summary
Further reading
Part 3: Pentesting Microsoft Azure
Chapter 7: Security Features in Azure
Introduction to Azure
Frequently used Azure SaaS applications
Azure Maps
Azure Digital Twins
Azure Monitor
Microsoft Cost Management
Azure Advisor
Network Watcher
Azure IaaS applications
Azure Virtual Machines
Azure Kubernetes Service
Azure Container Instances
Azure Dedicated Host
Azure PaaS applications
Azure SQL Database
Web Apps
Mobile Apps
Azure Logic Apps
Azure Functions
Azure security controls and tools
Security controls
Security tools
Summary
Further reading
Chapter 8: Pentesting Azure Features through Serverless Applications and Tools
Technical requirements
Setting up an Azure instance
Setting up an Azure account
Using Azure Cloud Shell and PowerShell
Azure native security tools.
Microsoft Defender
Azure pentesting tools
Prowler
MFASweep
ScoutSuite
Exploiting Azure applications
Prowler
MFASweep
ScoutSuite
Summary
Further reading
Chapter 9: Pentesting Containerized Applications in Azure
Technical requirements
How containerization works
How Docker works in Azure
How Kubernetes works in Azure
Docker and Kubernetes pentesting techniques in Azure
kube-hunter
kdigger
Summary
Further reading
Part 4: Pentesting GCP
Chapter 10: Security Features in GCP
Introduction to GCP
Frequently used GCP SaaS applications
Google Workspace
Google App Engine
Cost Management
Google Cloud app
Google Marketing Platform
GCP IaaS services
Compute Engine
Cloud Storage
Shielded VMs
Sole-tenant nodes
GCP PaaS services
Cloud SDK
Cloud SQL
Cloud Run
GKE
Anthos
GCP security controls and tools
Security controls
Security tools
Summary
Further reading
Chapter 11: Pentesting GCP Features through Serverless Applications and Tools
Technical requirements
GCP free tier
Launching a GCP network
Using GCP Cloud Shell
GCP native security tools
Exploring the GCP console
Installing GCP pentesting tools
Prowler
GCPBucketBrute
GCP Scanner
Exploiting GCP applications
Prowler
GCPBucketBrute
GCP Scanner
Summary
Further reading
Chapter 12: Pentesting Containerized Applications in GCP
Technical requirements
How containerization works
VMs
Containers
How Docker works in GCP
How Kubernetes works in GCP
Docker and Kubernetes pentesting techniques in GCP
Deploying Docker
Deploying Kubernetes
Trivy
Summary
Further reading
Chapter 13: Best Practices and Summary
Content review
Questions
Answers
Your cloud pentesting toolkit.
Cloud and pentester certifications
Cloud
Pentesting
Pentesting contracts
Pentest reports
Summary
Further reading
Index
About Packt
Other Books You May Enjoy.

Cloud Penetration Testing for Red Teamers Learn How to Effectively Pentest AWS, Azure, and GCP Applications

Ejemplares similares