Overview
The Penetration Tests services can be delivered for set-ups ranging from simple applications to complex infrastructures, checking the AWS environment against best practices, potential vulnerabilities and misconfigurations, leveraging in-depth expertise, a well attuned tool set and broad experience.
The scope for a Penetration Test for an AWS Environment includes the following test scenarios:
IAM (Identity Access Managament)
- Enumerating IAM users and roles Cross-account AWS roles and user enumeration
- Abusing overly permissive IAM trust policies Escalating privileges by abusing IAM policies and permissions
**API Gateway
- Enumerating API Gateway and API keys
- Understanding stage variables and usage plans
- Bypassing authentication by verb tampering
- Abusing overly permissive resource policies
- Attacking misconfigured private API endpoints
- Bypassing poorly implemented WAF
- Performing Denial of Service attack on API Gateway
AWS Lambda
- Enumerating Lambda functions and layers. Event data injection
- Command injection & Function runtime code injection
- Specific Attacks : XML external entity (XXE), Server-side request forgery (SSRF), Object deserialization attacks, SQL injection, etc
- Abusing overly permissive resource policies & AWS Lambda permissions
- Manipulating function execution flows
- Retrieving application secrets, keys, and credentials
- Retrieving sensitive information from Lambda
- Runtime API Exploiting vulnerable component and custom runtimes
- Abusing temporary and shared file systems Maintaining access on an AWS account (backdoor)
DynamoDB
- NoSQL injection attack on a DynamoDB-based application.
- SQL injection attack through PartiQL support on a DynamoDB-based application
- NoSQL injection attack on a MongoDB-based application. SQL injection attack on an RDS-based application.
Cloud Storage:
- S3 Misconfigurations
- Enumerating public S3 buckets#
- Identifying bucket policy/ACL constraints on an S3 bucket
- Identifying anonymous write operations on an S3 bucket
- Leveraging misconfigured bucket policies and ACPs
- Anonymous/Authorized public read
- Reading policies and identifying object names
- Writing objects to buckets
- Overwriting bucket ACL and object ACL
- Overwriting bucket policies
- Performing denial of service
- Identifying writable buckets without performing a write operations
- Chaining web application attacks through S3 resources
- S3 ransomwares
A typical project timeline for an AWS Environment Penetration requires between 2 (for Simple Environment) and 6 weeks (for very complex environments).
Deliverables
Following each test, a detailed report about the test results is prepared. At the beginning of the report, a management summary outlines the test parameters and findings. The management summary is accompanied by a visual representation of the identified risks and a tabular list of the findings. Furthermore, a system description is given, as well as a description of the test scope and any possible test exclusions. The main part of the document is the description of the actual findings. For each finding, a summary, a detailed technical description and a recommendation for the mitigation is given. Different stakeholders (management and technical staff) are considered in each section.
Sold by | Spike Reply |
Categories | |
Fulfillment method | Professional Services |
Pricing Information
This service is priced based on the scope of your request. Please contact seller for pricing details.
Support
No support is offered for this product