October 22, 2020

Useful AWS Tools and Links

This week our topic is going to be AWS.  Amazon Web Services (AWS) was the leading cloud service provider in Q3 2020, increasing its share of total spend from last quarter to 32%. Working with several local and global organizations using AWS, we keep learning more and more about the platform and enrich our knowledge to stay on top of the most recent learnings and insights.

 

Here’s a great group of tools and resources to learn from:

AWS Allowlister (GitHub) by Salesforce

Need to generate AWS SCP policy that meets PCI compliance? AWS Allowlister is your answer. This tool is based on  AWS Services in Scope documentation, allowing you to automatically compile an AWS Service Control Policy with one command and in a way that leaves no room for errors - ONLY AWS services that are compliant with your chosen compliance frameworks are allowed.  

Offensive Terraform Modules

Offensive Terraform Modules
is a collection of automated offensive attack modules defined as Infrastructure as Code (IaC). My favorite one is "Cross Account Persistence". For more information and new attack vectors, why not set up a virtual coffee date with our CTO and co-founder Or Azarzar.

offensive terraform modules

 

Anatomy of AWS Lambda


Next up is
Anatomy of AWS Lambda - Lambda internals is super important for offensive, defensive, and R&D purposes.

AWS lambda anatomy

 

Serverless Framework for Lambda Internals Understanding

Then there’s serverless.com - Following recommendation No. 2, I personally believe that reading about a topic is not enough, you need to practice! Using the Serverless framework, it is super easy to develop a serverless architecture and better understand the Lambda internals. I dare you to develop a vulnerable architecture and share an exploitation tutorial with us. Are you up to the challenge??

serverless screenshot

 

AWS S3 Virusscan

And for now, the last one is aws-s3-virusscan - It can be useful especially for public buckets, with improper permissions ofA R/W.

image-wa748

 

-----------------------------------

About Lightspin

Lightspin’s context-based cloud security empowers cloud and security teams to eliminate risks and maximize productivity by proactively and automatically detecting all security risks, smartly prioritizing the most critical issues, and easily fixing them. For more information, visit https://www.lightspin.io/