pwnedlabs.io | 公有云安全靶场 AWS free 篇
2024-7-14
| 2024-7-14
0  |  阅读时长 0 分钟
type
status
date
slug
summary
tags
category
icon
password
📝
这公有云安全靶场挺不错,有官方配套 WP,然后除了攻还有防,也很适合入门和进阶~ 每个靶场有相应的场景和 RealWorld 描述,也把一些诸如 BlackHat 的议题做成靶场,个人认为整体质量很高
 
个人根据刷题的知识点整理的思维导图知识点,方便ctfer们或者渗透时查漏补缺
notion image
原件和高清图附件见文末
 
下面为各个题目的中文题解,点第一列就会跳转了,其中 Field BlueTeam 与守较相关,RedTeam 与攻较相关
pwnedlabs-aws-free-writeup
pwnedlabs-aws-free-writeup
Name
Tags
Status
Field
cloudtrail
s3
iam
Done
BlueTeam
Beginner
Free
s3
script
Done
RedTeam
Foundations
Free
s3
Done
RedTeam
Beginner
Free
iam
Done
BlueTeam
Beginner
Free
ec2
s3
detective
guardduty
Done
BlueTeam
Beginner
Free
lambda
sqs
script
sql injection
web
serverless
Done
RedTeam
Hard
Free
s3
bucket policy
gobuster
hashcat
Done
RedTeam
Beginner
Free
athena
iam
cloudtrail
Done
BlueTeam
Beginner
Free
macie
s3
Done
BlueTeam
Beginner
Free
s3
Security Hub
Done
BlueTeam
Beginner
Free
fuff
iam
s3
secrets manager
web
assume role
external id
cloud shell
Done
RedTeam
Beginner
Free
git
rds
trufflehog
sast
mysql
gitleaks
secrets manager
Done
RedTeam
Beginner
Free
rds
nmap
brute force
Done
RedTeam
Beginner
Free
ec2
rds
snapshot
postgres
Done
RedTeam
Beginner
Free
s3
iam
ebs
snapshot
Done
RedTeam
Beginner
Free
web
ec2
path traversal
directory traversal
burp suite
fuff
Done
RedTeam
Beginner
Free
git
trufflehog
git-secrets
Done
RedTeam
Beginner
Free
s3
web
versioning
Done
RedTeam
Beginner
Free
hash cracking
john
s3
dynamodb
vim
macro
cloudtrail
athena
credential stuffing
Done
RedTeam
Intermediate
Free
s3
web
cognito
lambda
ssrf
source code review
Done
RedTeam
Intermediate
Free
brute force
fuff
lambda
s3
ssm
Done
RedTeam
Beginner
Free
trufflehog
codecommit
docker
Done
RedTeam
Foundations
Free
hash cracking
iam
s3
psremoting
powershell
windows
ntds
active directory
domain
jea
hashcat
Done
RedTeam
Beginner
Free
s3
bucket
web
ssrf
metadata
ec2
Done
RedTeam
Beginner
Free
 
附件更新 2024.7.14 v1
 
  • 云安全
  • 云安全CTF
  • AWS
  • wordpress后台登录密码前端js加密+php后端解密离职了,第一份安全攻防工作碎碎念
    Loading...
    目录