Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "CloudFox" (siehe dazu auch [1]) ... helps you answer the following common questions (and many more): What regions is this AWS account using and roughly how many resources are in the account? What secrets are lurking in EC2 userdata or service specific environment variables? What actions/permissions does this [principal] have? What roles trusts are overly permissive or allow cross-account assumption? What endpoints/hostnames/IPs can I attack from an external starting point (public internet)? What endpoints/hostnames/IPs can I attack from an internal starting point (assumed breach within the VPC)? What filesystems can I potentially mount from a compromised resource inside the VPC? VG Bernd [0] https://github.com/BishopFox/cloudfox [1] https://bishopfox.com/blog/introducing-cloudfox -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler@itc.rwth-aachen.de https://www.itc.rwth-aachen.de Social Media Kanäle des IT Centers: https://blog.rwth-aachen.de/itc/ https://www.facebook.com/itcenterrwth https://www.linkedin.com/company/itcenterrwth https://twitter.com/ITCenterRWTH https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ