type
status
date
slug
summary
tags
category
icon
password
这公有云安全靶场挺不错,有官方配套 WP,然后除了攻还有防,也很适合入门和进阶~ 每个靶场有相应的场景和 RealWorld 描述,也把一些诸如 BlackHat 的议题做成靶场,个人认为整体质量很高
个人根据刷题的知识点整理的思维导图知识点,方便ctfer们或者渗透时查漏补缺
原件和高清图附件见文末
下面为各个题目的中文题解,点第一列就会跳转了,其中
Field
BlueTeam 与守较相关,RedTeam 与攻较相关pwnedlabs-aws-free-writeup
Name
Tags
Status
Field
s3
bucket policy
gobuster
hashcat
Done
RedTeam
Beginner
Free
fuff
iam
s3
secrets manager
web
assume role
external id
cloud shell
Done
RedTeam
Beginner
Free
git
rds
trufflehog
sast
mysql
gitleaks
secrets manager
Done
RedTeam
Beginner
Free
web
ec2
path traversal
directory traversal
burp suite
fuff
Done
RedTeam
Beginner
Free
hash cracking
john
s3
dynamodb
vim
macro
cloudtrail
athena
credential stuffing
Done
RedTeam
Intermediate
Free
s3
web
cognito
lambda
ssrf
source code review
Done
RedTeam
Intermediate
Free
hash cracking
iam
s3
psremoting
powershell
windows
ntds
active directory
domain
jea
hashcat
Done
RedTeam
Beginner
Free
附件更新 2024.7.14 v1