├── Cloud PenTest - AWS and Azure by Joas.pdf
├── Cloud PenTest - AWS and Azure by Joas.xmind
└── README.md


/Cloud PenTest - AWS and Azure by Joas.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CyberSecurityUP/Awesome-Cloud-PenTest/HEAD/Cloud PenTest - AWS and Azure by Joas.pdf


--------------------------------------------------------------------------------
/Cloud PenTest - AWS and Azure by Joas.xmind:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CyberSecurityUP/Awesome-Cloud-PenTest/HEAD/Cloud PenTest - AWS and Azure by Joas.xmind


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # Awesome-Cloud-PenTest
  2 | 
  3 | ## Cloud PenTest - AWS and Azure by Joas
  4 | 
  5 | ## What is AWS
  6 | 
  7 | - https://docs.aws.amazon.com/
  8 | 
  9 | - https://github.com/awsdocs
 10 | 
 11 | ## Extras Resources
 12 | 
 13 | - https://github.com/enaqx/awesome-pentest
 14 | 
 15 | - https://www.sans.org/cyber-security-courses/cloud-penetration-testing/
 16 | 
 17 | - https://www.udemy.com/course/cloud-hacking/
 18 | 
 19 | - https://aws.amazon.com/pt/security/penetration-testing/
 20 | 
 21 | - https://cloudacademy.com/course/aws-security-fundamentals/introduction-74/
 22 | 
 23 | - https://cobalt.io/blog/what-you-need-to-know-about-aws-pentesting
 24 | 
 25 | - https://gracefulsecurity.com/an-introduction-to-penetration-testing-aws-same-same-but-different/
 26 | 
 27 | - https://www.virtuesecurity.com/aws-penetration-testing-part-2-s3-iam-ec2/
 28 | 
 29 | - https://securityboulevard.com/2021/03/aws-penetration-testing-essential-guidance-for-2021/
 30 | 
 31 | - https://www.darkskope.com/aws-penetration-testing
 32 | 
 33 | - https://bootcamps.pentesteracademy.com/certifications
 34 | 
 35 | - https://docs.microsoft.com/pt-br/azure/security/fundamentals/pen-testing
 36 | 
 37 | - https://www.youtube.com/watch?v=lOhvIooWzOg
 38 | 
 39 | - https://gbhackers.com/cloud-computing-penetration-testing-checklist-important-considerations/
 40 | 
 41 | - https://www.linkedin.com/pulse/cloud-computing-penetration-testing-checklist-priya-james-ceh-1/
 42 | 
 43 | - https://www.happiestminds.com/blogs/tag/penetration-testing-checklist/
 44 | 
 45 | - https://blog.rsisecurity.com/how-to-conduct-cloud-penetration-testing/
 46 | 
 47 | - https://www.nettitude.com/uk/penetration-testing/cloud-service-testing/
 48 | 
 49 | - https://techbeacon.com/enterprise-it/pen-testing-cloud-based-apps-step-step-guide
 50 | 
 51 | - https://book.hacktricks.xyz/cloud-security/cloud-security-review
 52 | 
 53 | - https://medium.com/@jonathanchelmus/cloud-pentesting-for-noobs-da867d9c5ecb
 54 | 
 55 | - https://pt.slideshare.net/TeriRadichel/are-you-ready-for-a-cloud-pentest
 56 | 
 57 | - https://www.blackhillsinfosec.com/tag/pentest/
 58 | 
 59 | - https://www.youtube.com/watch?v=aqumgrSBDM4
 60 | 
 61 | - My ebook: https://drive.google.com/file/d/14rthHtAgbd--pWEmzmj4i5j59Rl6dLC1/view?usp=sharing
 62 | 
 63 | - https://hackerassociate.com/training-and-certification/ocpt-offensive-cloud-penetration-testing/
 64 | 
 65 | - https://ine.com/pages/cloudpentesting
 66 | 
 67 | - https://hausec.com/2020/01/31/attacking-azure-azure-ad-and-introducing-powerzure/
 68 | 
 69 | - https://gracefulsecurity.com/an-introduction-to-pentesting-azure/
 70 | 
 71 | - https://rhinosecuritylabs.com/cloud-security/common-azure-security-vulnerabilities/
 72 | 
 73 | ## My Social Networks
 74 | 
 75 | - https://www.linkedin.com/in/joas-antonio-dos-santos
 76 | 
 77 | - https://twitter.com/C0d3Cr4zy
 78 | 
 79 | ## What is Azure
 80 | 
 81 | - https://docs.microsoft.com/pt-br/azure/?product=featured
 82 | 
 83 | - https://github.com/MicrosoftDocs/azure-docs
 84 | 
 85 | ## PenTest Policy
 86 | 
 87 | - https://docs.microsoft.com/en-us/azure/security/fundamentals/pen-testing
 88 | 
 89 | - https://www.microsoft.com/en-us/msrc/pentest-rules-of-engagement?rtc=1
 90 | 
 91 | - https://aws.amazon.com/pt/security/penetration-testing/
 92 | 
 93 | - https://msrc.microsoft.com/en-us/engage/pentest
 94 | 
 95 | ## PenTest in AWS
 96 | 
 97 | - Offensive Security
 98 | 
 99 | - https://github.com/carnal0wnage/weirdAAL	
100 | - https://github.com/RhinoSecurityLabs/pacu	
101 | - https://github.com/disruptops/cred_scanner	
102 | - https://github.com/dagrz/aws_pwn	
103 | - https://github.com/MindPointGroup/cloudfrunt	
104 | - https://github.com/prevade/cloudjack	
105 | - https://github.com/andresriancho/nimbostratus	
106 | - https://github.com/zricethezav/gitleaks	
107 | - https://github.com/dxa4481/truffleHog	
108 | - https://github.com/securing/DumpsterDiver	
109 | - https://github.com/gruntwork-io/cloud-nuke	
110 | - https://github.com/ThreatResponse/mad-king	
111 | - https://github.com/mozilla/MozDef	
112 | - https://github.com/puresec/lambda-proxy	
113 | - https://github.com/Static-Flow/CloudCopy	
114 | - https://github.com/andresriancho/enumerate-iam	
115 | - https://github.com/Voulnet/barq	
116 | - https://github.com/RhinoSecurityLabs/ccat	
117 | - https://github.com/bishopfox/dufflebag	
118 | - https://github.com/splunk/attack_range	
119 | - https://github.com/elitest/Redboto	
120 | - https://github.com/Skyscanner/whispers	
121 | - https://github.com/0xsha/cloudbrute	
122 | - https://github.com/Parasimpaticki/sandcastle	
123 | - https://github.com/smiegles/mass3	
124 | - https://github.com/koenrh/s3enum	
125 | - https://github.com/tomdev/teh_s3_bucketeers	
126 | - https://github.com/eth0izzle/bucket-stream	
127 | - https://github.com/gwen001/s3-buckets-finder	
128 | - https://github.com/aaparmeggiani/s3find	
129 | - https://github.com/random-robbie/slurp	
130 | - https://github.com/clario-tech/s3-inspector	
131 | - https://github.com/pbnj/s3-fuzzer	
132 | - https://github.com/jordanpotti/AWSBucketDump	
133 | - https://github.com/bear/s3scan	
134 | - https://github.com/sa7mon/S3Scanner	
135 | - https://github.com/magisterquis/s3finder	
136 | - https://github.com/abhn/S3Scan	
137 | - https://github.com/whitfin/s3-meta	
138 | - https://github.com/whitfin/s3-meta	
139 | - https://github.com/vr00n/Amazon-Web-Shenanigans	
140 | - https://github.com/FishermansEnemy/bucket_finder	
141 | - https://github.com/brianwarehime/inSp3ctor	
142 | - https://github.com/Atticuss/bucketcat	
143 | - https://github.com/nahamsec/lazys3	
144 | - https://github.com/Ucnt/aws-s3-data-finder	
145 | - https://github.com/securing/BucketScanner	
146 | - https://github.com/VirtueSecurity/aws-extender-cli	
147 | - https://github.com/cr0hn/festin	
148 | - https://github.com/kurmiashish/S3Insights	
149 | - https://github.com/nccgroup/s3_objects_check	
150 | - https://github.com/toniblyx/my-arsenal-of-aws-security-tools
151 | - https://rhinosecuritylabs.com/aws/aws-essentials-top-5-tests-penetration-testing-aws/
152 | - https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
153 | - https://github.com/eth0izzle/shhgit
154 | - https://www.getastra.com/blog/security-audit/aws-penetration-testing/
155 | - https://owasp.org/www-pdf-archive/Aws_security_joel_leino.pdf
156 | - https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-cloud-need-know/
157 | - https://github.com/PacktPublishing/Hands-On-AWS-Penetration-Testing-with-Kali-Linux
158 | - https://github.com/lamkeysing92/aws-pentest-inventory
159 | - https://github.com/dagrz/aws_pwn
160 | - https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
161 | 
162 | ## AWS Security
163 | 
164 | - Defensive: Hardening, Security Assessment and Inventory
165 | 
166 | 
167 | - https://github.com/nccgroup/ScoutSuite	
168 | - https://github.com/toniblyx/prowler	
169 | - https://github.com/cloudsploit/scans	
170 | - https://github.com/duo-labs/cloudmapper	
171 | - https://github.com/duo-labs/cloudtracker	
172 | - https://github.com/awslabs/aws-security-benchmark	
173 | - https://github.com/arkadiyt/aws_public_ips	
174 | - https://github.com/nccgroup/PMapper	
175 | - https://github.com/nccgroup/aws-inventory	
176 | - https://github.com/disruptops/resource-counter	
177 | - https://github.com/Teevity/ice	
178 | - https://github.com/cyberark/SkyArk	
179 | - https://github.com/willbengtson/trailblazer-aws	
180 | - https://github.com/lateralblast/lunar	
181 | - https://github.com/tensult/cloud-reports	
182 | - https://github.com/tmobile/pacbot	
183 | - https://github.com/SecurityFTW/cs-suite	
184 | - https://github.com/te-papa/aws-key-disabler	
185 | - https://github.com/turnerlabs/antiope	
186 | - https://github.com/lyft/cartography	
187 | - https://github.com/mlabouardy/komiser	
188 | - https://github.com/darkarnium/perimeterator	
189 | - https://github.com/DenizParlak/Zeus	
190 | - https://github.com/darkbitio/aws-recon	
191 | - https://github.com/mhlabs/iam-policies-cli	
192 | - https://github.com/toniblyx/my-arsenal-of-aws-security-tools
193 | - https://github.com/jassics/awesome-aws-security
194 | 
195 | - https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-cis.html
196 | 
197 | ## PenTest in Azure
198 | 
199 | - Enumeration
200 | 
201 | - o365creeper - Enumerate valid email addresses
202 | - CloudBrute - Tool to find a cloud infrastructure of a company on top Cloud providers
203 | - cloud_enum - Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud
204 | - Azucar - Security auditing tool for Azure environments
205 | - CrowdStrike Reporting Tool for Azure (CRT) - Query Azure AD/O365 tenants for hard to find permissions and configuration settings
206 | - ScoutSuite - Multi-cloud security auditing tool. Security posture assessment of different cloud environments.
207 | - BlobHunter - A tool for scanning Azure blob storage accounts for publicly opened blobs
208 | - Grayhat Warfare - Open Azure blobs and AWS bucket search
209 | 
210 | - Information Gathering
211 | 
212 | - o365recon - Information gathering with valid credentials to Azure
213 | - Get-MsolRolesAndMembers.ps1 - Retrieve list of roles and associated role members
214 | - ROADtools - Framework to interact with Azure AD
215 | - PowerZure - PowerShell framework to assess Azure security
216 | - Azurite - Enumeration and reconnaissance activities in the Microsoft Azure Cloud
217 | - Sparrow.ps1 - Helps to detect possible compromised accounts and applications in the Azure/M365 environment
218 | - Hawk - Powershell based tool for gathering information related to O365 intrusions and potential breaches
219 | - Microsoft Azure AD Assessment - Tooling for assessing an Azure AD tenant state and configuration
220 | 
221 | - Lateral Movement
222 | 
223 | - Stormspotter - Azure Red Team tool for graphing Azure and Azure Active Directory objects
224 | - AzureADLateralMovement - Lateral Movement graph for Azure Active Directory
225 | - SkyArk - Discover, assess and secure the most privileged entities in Azure and AWS
226 | 
227 | - Exploitation
228 | 
229 | - MicroBurst - A collection of scripts for assessing Microsoft Azure security
230 | - azuread_decrypt_msol_v2.ps1 - Decrypt Azure AD MSOL service account
231 | - Credential Attacks
232 | 
233 | 	- MSOLSpray - A password spraying tool for Microsoft Online accounts (Azure/O365)
234 | 	- MFASweep - A tool for checking if MFA is enabled on multiple Microsoft Services Resources
235 | 	- adconnectdump - Dump Azure AD Connect credentials for Azure AD and Active Directory
236 | 
237 | - Abusing Azure AD SSO with the Primary Refresh Token
238 | 
239 | - Abusing dynamic groups in Azure AD for Privilege Escalation
240 | 
241 | - Attacking Azure, Azure AD, and Introducing PowerZure
242 | 
243 | - Attacking Azure & Azure AD, Part II
244 | 
245 | - Azure AD Connect for Red Teamers
246 | 
247 | - Azure AD Introduction for Red Teamers
248 | 
249 | - Azure AD Pass The Certificate
250 | 
251 | - Azure AD privilege escalation - Taking over default application permissions as Application Admin
252 | 
253 | - Defense and Detection for Attacks Within Azure
254 | 
255 | - Hunting Azure Admins for Vertical Escalation
256 | 
257 | - Impersonating Office 365 Users With Mimikatz
258 | 
259 | - Lateral Movement from Azure to On-Prem AD
260 | 
261 | - Malicious Azure AD Application Registrations
262 | 
263 | - Moving laterally between Azure AD joined machines
264 | 
265 | - CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory
266 | 
267 | - Privilege Escalation Vulnerability in Azure Functions
268 | 
269 | - Azure Application Proxy C2
270 | 
271 | - Recovering Plaintext Passwords from Azure Virtual Machines like It’s the 1990s
272 | 
273 | - Azure Articles from NetSPI
274 | 
275 | - Azure Cheat Sheet on CloudSecDocs
276 | 
277 | - Resources about Azure from Cloudberry Engineering
278 | 
279 | - Resources from PayloadsAllTheThings
280 | 
281 | - Encyclopedia on Hacking the Cloud - (No content yet for Azure)
282 | 
283 | - azure-security-lab - Securing Azure Infrastructure - Hands on Lab Guide
284 | 
285 | - AzureSecurityLabs - Hands-on Security Labs focused on Azure IaaS Security
286 | 
287 | - Building Free Active Directory Lab in Azure
288 | 
289 | - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20Azure%20Pentest.md
290 | 
291 | - https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/security/fundamentals/pen-testing.md
292 | 
293 | - https://github.com/swiftsolves-msft/AzurePenTestScope
294 | 
295 | ## Azure Security
296 | 
297 | - https://github.com/LennonCMJ/pentest_script/blob/master/Azure_Testing.md
298 | 
299 | - https://github.com/dafthack/CloudPentestCheatsheets
300 | 
301 | - https://github.com/mattrotlevi/lava
302 | 
303 | - https://github.com/Azure/Azure-Security-Center
304 | 
305 | - https://github.com/kmcquade/awesome-azure-security
306 | 
307 | - https://github.com/MicrosoftLearning/AZ-500-Azure-Security
308 | 
309 | - https://github.com/Azure/Azure-Network-Security
310 | 
311 | - https://github.com/MicrosoftDocs/SecurityBenchmarks
312 | 
313 | - https://microsoftlearning.github.io/AZ500-AzureSecurityTechnologies/
314 | 
315 | - https://www.cisecurity.org/benchmark/azure/
316 | 


--------------------------------------------------------------------------------