Technology
Deliberately vulnerable AWS, Azure cloud infrastructure is a pen tester’s playground – Black Hat USA
AWSGoat and AzureGoat tools showcased in Las Vegas this week.
Security pros from INE enjoyed a double billing at Black Hat USA on (August 10) as they showcased penetration testing tools AWSGoat and AzureGoat.
Amazon Web Services (AWS) and Microsoft Azure are two of the biggest names in cloud infrastructure, along with Google Cloud Platform (GCP).
With the cloud still a relatively new phenomenon, many developers are not fully aware of the threat landscape and can inadvertently deploy vulnerable cloud infrastructure.
Sometimes a simple misconfiguration or web app vulnerability is all an attacker needs to completely compromise an organization’s environment.
Preemptive attacks
Showcased during the Black Hat Arsenal sessions in Las Vegas this week, AWSGoat and AzureGoat are aimed at providing security enthusiasts and pen testers with an easy-to-deploy vulnerable infrastructure.
Here, they can learn how to enumerate cloud applications, identify vulnerabilities, and chain various attacks to compromise the AWS or Azure account.
The vulnerable-by-design infrastructure showcases the dangers of the OWASP Top 10 web application security threats.
AWSGoat also features misconfigurations based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS.
While the developers of AWSGoat said there were “numerous tools and vulnerable applications” available for AWS, this is not the case with Azure.
“AzureGoat is our attempt to shorten the gap,” the team from IT and security training firm INE said. “There are far fewer options available to the community.”
The user will be able to deploy AzureGoat on their Azure account using a pre-created Docker image and scripts. Once deployed, the AzureGoat can be used for target practice and be conveniently deleted later.
All the code and deployment scripts for both AWSGoat and AzureGoat have been made open source.
Skylar Grey – Everything I Need [LYRICS]
[Music] Diddy – Dirty Money – “Coming Home” Feat. Skylar Grey
Diddy – Dirty Money – “Coming Home” Feat. Skylar Grey [LYRICS]
[Music] African China – Amen
[Music] African China – Baba God
African China – Baba God [LYRICS]
Machine Gun Kelly (MGK) “Home” Feat X Ambassadors & Bebe Rexha [LYRICS]
Passenger – Let Her Go [LYRICS]
[Music] Eminem – “No Love” Feat. Lil Wayne
Eminem – “No Love” Feat. Lil Wayne [LYRICS]
[Music] Tatiana Manaois – Buzz Kill
Tatiana Manaois – Buzz Kill [LYRICS]
James Blunt – Goodbye My Lover [LYRICS]
Major Lazer – “Particula” Feat. Nasty C , Ice Prince, Patoranking & Jidenna [LYRICS]
James Blunt – You’re Beautiful [LYRICS]
Justin Timberlake – Mirrors [LYRICS]
[Music] Darey – “Pray For Me” feat. Soweto Gospel Choir
Eminem – “Love The Way You Lie” Feat. Rihanna [LYRICS]
Goldlink ft. Miguel – Got Friends [LYRICS]
Sia – I’m Still Here [LYRICS]
Yo Gotti ft. Nicki Minaj – Rake It Up [LYRICS]
Shane McMahon – Here Comes The Money [LYRICS]
Journey – Faithfully [LYRICS]
[Music] Journey – Faithfully
Eminem – Not Afraid [LYRICS]
[Music] Journey – Don’t Stop Believin’
Journey – Don’t Stop Believin’ [LYRICS]
21 Savage – Bank Account [LYRICS]
Demi Lovato – Sober [LYRICS]
Beyonce ft. Jay-Z – Apeshit [LYRICS]
Nasty C ft. ASAP Ferg – King [LYRICS]
Lil Wayne – Uproar [LYRICS]
Ed Sheeran – Perfect [LYRICS]
[Music] Mo’Hits All Star – Close To You
Lil Dicky ft. Chris Brown – Freaky Friday [LYRICS]
Michael Jackson – Stranger In Moscow [LYRICS]
[Music] Celine Dion – I Drove All Night
Celine Dion – I Drove All Night [LYRICS]
Tatiana Manaois – Hey Little Lady [LYRICS]
[Music] Tatiana Manaois – Live Better
[Music] Gnash Ft Olivia O’Brien – I Hate you, I Love you
[INSTRUMENTAL] John Legend – All Of Me
Alan Walker – Faded [INSTRUMENTAL]
[Video] 21 Savage ft. Offset & Metro Boomin – Rap Saved Me
[Instrumental] Wiz Khalifa – See You Again ft. Charlie Puth
[Music] Sapientdream – Pastlives
Salvation Ministry Choir – Amen [LYRICS]
[Music] The Chainsmokers – ‘Don’t Let Me Down’ Feat. Daya
Ladé – Adulthood Anthem (Adulthood Na Scam) [Lyrics]
[Music] Timbaland – Apologize ft. OneRepublic
[Music] Powfu – Death Bed (Coffee for Your Head) Feat. Beabadoobee
[Music] Wyclef Jean – “Sweetest Girl (Dollar Bill)” Feat. Akon, Lil Wayne, Niia
[Music] Zayn Malik – Entertainer
[Music] Wiz Khalifa – See You Again ft. Charlie Puth
[Music] Exalted Tribe (HICC) – We Dey Halla
[Music] Anna Kendrick – Cups (Pitch Perfect’s “When I’m Gone”)
[Music] Diddy – Dirty Money – “Coming Home” Feat. Skylar Grey
[Music] John Legend – Love Me Now
[Music] Right Said Fred – Stand Up (For the Champions)
[Music] Salvation Ministries Choir – Chioma Me Eh(Good God)
[Music] Celine Dion – If That’s What It Takes
Salvation Ministries Choir – Chioma Me Eh(Good God) [LYRICS]
[Music] P!nk – Try
[Music] Shaggy – Strength Of A Woman
[Music] Jaden Smith – Goku
[Music] Wiz Khalifa – See You Again (Remix) Feat Charlie Puth, Eminem, Tyga, & Chris Brown
[Music] R. Kelly – World’s Greatest
Magic! — Rude [LYRICS]
[Music] Journey – Don’t Stop Believin’
[Music] Justin Bieber – Love Me
[Music] Cardi B – Bartier Cardi ft. 21 Savage
[Music] Lionel Richie – Angel
[Music] Tyga ft. Offset – Taste
[Music] P!nk – “Just Give Me A Reason” Feat. Nate Ruess
[Music] BIG SHAQ – Man’s Not Hot
[Music] 21 Savage ft. Offset & Metro Boomin – Rap Saved Me
[Music] Shayne Ward – Breathless
[Music] Post Malone – Candy Paint
[Music] R Kelly – When A Woman Loves
[Music] Bill Withers – Lean On Me
-
Technology2 years agoVoIP Number: Everything You Need To Know
-
Music4 days ago[Music] Gnash Ft Olivia O’Brien – I Hate you, I Love you
-
Music1 day ago[INSTRUMENTAL] John Legend – All Of Me
-
Music5 days agoAlan Walker – Faded [INSTRUMENTAL]
-
Music2 days ago[Video] 21 Savage ft. Offset & Metro Boomin – Rap Saved Me
-
Music4 days ago[Instrumental] Wiz Khalifa – See You Again ft. Charlie Puth
-
Music1 week ago[Music] Akon – Sorry Blame It On Me
-
ANE Stories6 years ago[STORY] AMAKA THE LESBIAN (Complete Episodes)