API Keys Now What - Taking the Pen Test Into the Amazon Cloud
Offered By: YouTube
Course Description
Overview
Explore AWS security and penetration testing techniques in this 38-minute conference talk from Derbycon 2019. Dive into topics such as API keys, subdomain takeover, AWS CLI, and metadata exploitation. Learn how to find and utilize API keys, understand AWS permission statements, and navigate AWS networking. Discover insights on Elastic Block Storage, Cloud Audit Support, and other valuable resources for conducting effective penetration tests in the Amazon Cloud environment.
Syllabus
Intro
Overview
What is AWS
AWS vs Windows
AWS API Keys
Subdomain Takeover
AWS Permission Statement
AWS CLI
AWS CLI Sync
Finding API Keys
Where to find API Keys
GitHub Key ID
Output
Secret Keys
Windows Passwords
AWS Networking
AWS Metadata
Elastic Block Storage
Cloud Audit Support
Other Resources
Questions
Related Courses
Powershell and Windows Throw the Best Shell PartiesYouTube Rawr - Rapid Assessment of Web Resources
YouTube Metasploit Town Hall - Redubbed
YouTube Hunting Webshells - Tracking TwoFace
YouTube Incident Response on macOS - Thomas Reed
YouTube