pwnedlabs.io | 公有云安全靶场 AWS free 篇

type

status

date

slug

summary

category

icon

password

📝

这公有云安全靶场挺不错，有官方配套 WP，然后除了攻还有防，也很适合入门和进阶～每个靶场有相应的场景和 RealWorld 描述，也把一些诸如 BlackHat 的议题做成靶场，个人认为整体质量很高

Pwned Labs - The ultimate cybersecurity training ground

Pwned Labs upskills cybersecurity professionals affordably and effectively. Explore our interactive labs that replicate real-world scenarios.

https://pwnedlabs.io/

个人根据刷题的知识点整理的思维导图知识点，方便ctfer们或者渗透时查漏补缺

原件和高清图附件见文末

下面为各个题目的中文题解，点第一列就会跳转了，其中 Field BlueTeam 与守较相关，RedTeam 与攻较相关

pwnedlabs-aws-free-writeup

Name

Tags

Status

Field

Breach in the Cloud

cloudtrail

iam

Done

BlueTeam

Beginner

Free

Identify the AWS Account ID from a Public S3 Bucket

script

Done

RedTeam

Foundations

Free

AWS S3 Enumeration Basics

Done

RedTeam

Beginner

Free

Intro to AWS IAM Enumeration

iam

Done

BlueTeam

Beginner

Free

Investigate Threats with Amazon Detective

ec2

detective

guardduty

Done

BlueTeam

Beginner

Free

SQS and Lambda SQL Injection

lambda

sqs

script

sql injection

web

serverless

Done

RedTeam

Hard

Free

Exploit Weak Bucket Policies for Privileged Access

bucket policy

gobuster

hashcat

Done

RedTeam

Beginner

Free

Identify IAM Breaches with CloudTrail and Athena

athena

iam

cloudtrail

Done

BlueTeam

Beginner

Free

Secure S3 with Amazon Macie

macie

Done

BlueTeam

Beginner

Free

Reveal Hidden Risks with AWS Security Hub

Security Hub

Done

BlueTeam

Beginner

Free

Assume Privileged Role with External ID

fuff

iam

secrets manager

web

assume role

external id

cloud shell

Done

RedTeam

Beginner

Free

Leverage Leaked Credentials for Pwnage

git

rds

trufflehog

sast

mysql

gitleaks

secrets manager

Done

RedTeam

Beginner

Free

Pillage Exposed RDS Instances

rds

nmap

brute force

Done

RedTeam

Beginner

Free

Plunder Public RDS Snapshots

ec2

rds

snapshot

postgres

Done

RedTeam

Beginner

Free

Loot Public EBS Snapshots

iam

ebs

snapshot

Done

RedTeam

Beginner

Free

Path Traversal to AWS credentials to S3

web

ec2

path traversal

directory traversal

burp suite

fuff

Done

RedTeam

Beginner

Free

Hunt for Secrets in Git Repos

git

trufflehog

git-secrets

Done

RedTeam

Beginner

Free

Access Secrets with S3 Bucket Versioning

web

versioning

Done

RedTeam

Beginner

Free

Execute and Identify Credential Abuse in AWS

hash cracking

john

dynamodb

vim

macro

cloudtrail

athena

credential stuffing

Done

RedTeam

Intermediate

Free

Abuse Cognito User and Identity Pools

web

cognito

lambda

ssrf

source code review

Done

RedTeam

Intermediate

Free

S3 Bucket Brute Force to Breach

brute force

fuff

lambda

ssm

Done

RedTeam

Beginner

Free

Uncover Secrets in CodeCommit and Docker

trufflehog

codecommit

docker

Done

RedTeam

Foundations

Free

Leverage Insecure Storage and Backups for Profit

hash cracking

iam

psremoting

powershell

windows

ntds

active directory

domain

jea

hashcat

Done

RedTeam

Beginner

Free

SSRF to Pwned

bucket

web

ssrf

metadata

ec2

Done

RedTeam

Beginner

Free

附件更新 2024.7.14 v1

tari-pwnedlabs-aws-free.xmind

498.8KB

tari-pwnedlabs-aws-free.png.7z

4105.0KB