Awesome-Mirrors/awesome-aws-security
1
0
Fork 0
mirror of https://github.com/jassics/awesome-aws-security.git synced 2025-02-14 14:01:25 -05:00
Code Issues Packages Projects Releases Wiki Activity

Added the ThreatModel for Amazon S3

Browse Source 
ThreatModel for Amazon S3 https://github.com/trustoncloud/threatmodel-for-aws-s3 - Library of all the attack scenarios on Amazon S3 and how to mitigate them, following a risk-based approach
This commit is contained in:
jon-trust 2023-01-25 11:47:42 +08:00 committed by GitHub
parent 532a0ad526
commit 23dd7ccb3a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -168,6 +168,7 @@ And don't forget to **bookmark AWS Security bulletin** for new vulnerabilities n
9. [Breaking and Pwning Apps and Servers on AWS and Azure by AppSecCo](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) - The training covers a multitude of scenarios taken from our vulnerability assessment, penetration testing and OSINT engagements which take the student through the journey of discovery, identification and exploitation of security weaknesses, misconfigurations and poor programming practices that can lead to complete compromise of the cloud infrastructure. 9. [Breaking and Pwning Apps and Servers on AWS and Azure by AppSecCo](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) - The training covers a multitude of scenarios taken from our vulnerability assessment, penetration testing and OSINT engagements which take the student through the journey of discovery, identification and exploitation of security weaknesses, misconfigurations and poor programming practices that can lead to complete compromise of the cloud infrastructure.
10. [AWS Workshop official](https://awsworkshop.io/) - This is not exactly security part, but would be helpful to understand AWS with this workshop examples. 10. [AWS Workshop official](https://awsworkshop.io/) - This is not exactly security part, but would be helpful to understand AWS with this workshop examples.
11. [AWS Security Workshops](https://awssecworkshops.com/) by AWS 11. [AWS Security Workshops](https://awssecworkshops.com/) by AWS
12. [ThreatModel for Amazon S3](https://github.com/trustoncloud/threatmodel-for-aws-s3) - Library of all the attack scenarios on Amazon S3 and how to mitigate them, following a risk-based approach
## AWS Security Bulletin Important Issues ## AWS Security Bulletin Important Issues
1. [Container Networking Security Issue ([CVE-2020-8558])](https://nvd.nist.gov/vuln/detail/CVE-2020-8558) (This issue may allow containers running on the same host, or adjacent hosts (hosts running in the same LAN or layer 2 domain), to reach TCP and UDP services bound to localhost (127.0.0.1)) 1. [Container Networking Security Issue ([CVE-2020-8558])](https://nvd.nist.gov/vuln/detail/CVE-2020-8558) (This issue may allow containers running on the same host, or adjacent hosts (hosts running in the same LAN or layer 2 domain), to reach TCP and UDP services bound to localhost (127.0.0.1))