Hello everyone,
in case you have not already seen/read it yourselves, here [0] FYI
"CloudFox" (see also [1])
... helps you answer the following common questions (and many more):
What regions is this AWS account using and roughly how many resources are in the account?
What secrets are lurking in EC2 userdata or service specific environment variables?
What actions/permissions does this [principal] have?
What role trusts are overly permissive or allow cross-account assumption?
What endpoints/hostnames/IPs can I attack from an external starting point (public internet)?
What endpoints/hostnames/IPs can I attack from an internal starting point (assumed breach within the VPC)?
What filesystems can I potentially mount from a compromised resource inside the VPC?
Best regards
Bernd
[0] https://github.com/BishopFox/cloudfox
[1] https://bishopfox.com/blog/introducing-cloudfox
--
Bernd Kohler
IT Center
Department: Networks
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler(a)itc.rwth-aachen.de
https://www.itc.rwth-aachen.de
Social media channels of the IT Center:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ