intro to AWS PENTESTING (with Pacu)

Video description: intro to AWS PENTESTING (with Pacu)

In this video, you’re going to learn how to ethically hack AWS cloud environments that you have explicit permissions for, so that you can find exploitable vulnerabilities in your own AWS accounts or for your clients as a pentester before the threat actors do. I’m going to show you step-by-step how to use an open-source tool called Pacu, which is used for AWS pentesting and ethical offensive security, so that you can follow along with me.

Policy shown in the video for you to copy/paste:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::cybr-pacu-lab-example"
        },
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Action": [
                "iam:Get*",
                "iam:List*",
                "iam:Put*",
                "iam:AttachRolePolicy",
                "iam:SimulateCustomPolicy",
                "iam:SimulatePrincipalPolicy"
            ],
            "Resource": "*"
        }
    ]
}
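
For reviewing your own accounts, the following added example (not from the video and not Pacu's code) lints a policy document for Allow statements on Resource "*" whose action patterns cover IAM permission-changing actions, which is why a lab policy like the one above should never be reused outside a test account. The action list, the function names and the read-only comparison policy are assumptions of this example.

```python
import json
from fnmatch import fnmatchcase

# Assumption of this example: a non-exhaustive list of real IAM actions that
# change which permissions a user, group or role holds.
PERMISSION_WRITE_ACTIONS = [
    "iam:PutUserPolicy", "iam:PutGroupPolicy", "iam:PutRolePolicy",
    "iam:AttachUserPolicy", "iam:AttachGroupPolicy", "iam:AttachRolePolicy",
    "iam:CreatePolicyVersion", "iam:SetDefaultPolicyVersion",
    "iam:UpdateAssumeRolePolicy", "iam:AddUserToGroup",
]

# The lab policy shown on this page.
PAGE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "VisualEditor1", "Effect": "Allow", "Action": "s3:*",
   "Resource": "arn:aws:s3:::cybr-pacu-lab-example"},
  {"Sid": "Statement1", "Effect": "Allow",
   "Action": ["iam:Get*", "iam:List*", "iam:Put*", "iam:AttachRolePolicy",
              "iam:SimulateCustomPolicy", "iam:SimulatePrincipalPolicy"],
   "Resource": "*"}]}
""")

# Constructed comparison policy (not from the page): read/simulate actions only.
READ_ONLY_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ReadOnly", "Effect": "Allow", "Resource": "*",
     "Action": ["iam:Get*", "iam:List*", "iam:SimulatePrincipalPolicy"]}]}

def _as_list(value):
    # IAM accepts a single value or a list for Statement, Action and Resource.
    return value if isinstance(value, list) else [value]

def audit_policy(policy):
    """Return sorted (Sid, granted pattern, matched action) findings.
    Deny statements, NotAction and Condition blocks are not evaluated."""
    findings = set()
    for stmt in _as_list(policy.get("Statement", [])):
        unscoped = "*" in _as_list(stmt.get("Resource", []))
        if stmt.get("Effect") != "Allow" or not unscoped:
            continue
        for pattern in _as_list(stmt.get("Action", [])):
            for action in PERMISSION_WRITE_ACTIONS:
                # IAM action names are case-insensitive; * and ? are wildcards.
                if fnmatchcase(action.lower(), pattern.lower()):
                    findings.add((stmt.get("Sid", "?"), pattern, action))
    return sorted(findings)

if __name__ == "__main__":
    for sid, pattern, action in audit_policy(PAGE_POLICY):
        print(f"{sid}: {pattern!r} on Resource '*' grants {action}")
```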


💬 Chat with me
Discord: https://cybr.com/discord
Website: https://cybr.com
LinkedIn: / christophelimpalair
Twitter: / christophelimp

🔗 Links mentioned in the video:
Pacu: https://github.com/RhinoSecurityLabs/...
AWS: https://aws.amazon.com/
🧪 Cybr Hands-On Labs: https://cybr.com/labs

🎓 Courses
Introduction to AWS Security: https://cybr.com/courses/introduction...
Injection Attacks The Free Guide: https://cybr.com/courses/injection-at...

🚨 Disclaimer
This video is strictly for educational purposes and to teach you how you can detect and mitigate this threat from your or your employer's AWS environments. Learning about ethical hacking and penetration testing is an important way of protecting ourselves against threat actors. Also, not all pentesting actions are allowed on the AWS platform as per the AWS ToS; however, what we demonstrate in this video is allowed and perfectly fine. For more details, refer to this page: https://aws.amazon.com/security/penet...

⏱ Timestamps:
00:00 - 00:13 - Introduction
00:14 - 00:31 - Disclaimer
00:32 - 00:46 - About Pacu
00:47 - 01:00 - AWS account setup
01:01 - 01:39 - Installing Pacu
01:40 - 02:16 - Running Pacu
02:17 - 02:46 - About access keys
02:47 - 03:09 - Use test environments!
03:10 - 03:30 - Creating an AWS user
03:31 - 04:14 - Creating user policies
04:15 - 04:29 - Adding the policy to our user
04:30 - 05:08 - Creating our access key
05:09 - 05:45 - Adding the keys to Pacu
05:46 - 06:24 - Pacu modules
06:25 - 06:37 - run iam__enum_permissions
06:38 - 07:00 - whoami
07:01 - 08:04 - run iam__privesc_scan
08:05 - 08:21 - Confirming admin permissions via Pacu
08:22 - 08:34 - Confirming admin permissions via console
08:35 - 09:36 - Detailed explanation of the vulnerability
09:37 - 09:53 - Explanation of how Pacu pulled this off
09:54 - 10:18 - Learning IAM is important!
10:19 - 10:34 - Learn more about AWS security
10:35 - 10:40 - More AWS Security courses coming!
10:41 - 11:00 - Cybr Labs are coming!
11:01 - 11:05 - Outro

#awssecurity #cloudsecurity #cloudpentesting #pentesting #pentester #securityassessment #opensource #cybersecurity #aws
