Updated a few more pieces of information

jassi 2021-03-12 08:59:17 +05:30
parent 2b2e2aef21
commit cf17c15a8c


@ -64,6 +64,7 @@ And don't forget to **bookmark AWS Security bulletin** for new vulenrabilities n
7. [AWS Cloud Security](https://www.oreilly.com/library/view/aws-cloud-security/9780135174784/) - Oreilly
8. [Introduction to AWS Security Hub](https://www.youtube.com/watch?v=o0NDi01YPXs) - Youtube
9. [Solution for flaws.cloud AWS Security Challenge](https://www.youtube.com/watch?v=VDptLO9XYbU&list=PLRTsCutScZnzo3uV_79Dur73kqskfaTMS) - Youtube Playlist
10. [AWS Security Best Practice: Well-Architected way](https://www.youtube.com/watch?v=u6BCVkXkPnM) - Youtube
## Online Tutorials/Blogs/Presentations
1. [AWS Security official blog](https://aws.amazon.com/blogs/security/)
@ -81,6 +82,7 @@ And don't forget to **bookmark AWS Security bulletin** for new vulenrabilities n
13. [Finding SSRF via HTML Injection inside a PDF file on AWS EC2](https://blog.appsecco.com/finding-ssrf-via-html-injection-inside-a-pdf-file-on-aws-ec2-214cc5ec5d90)
14. [Getting shell and data access in AWS by chaining vulnerabilities](https://blog.appsecco.com/getting-shell-and-data-access-in-aws-by-chaining-vulnerabilities-7630fa57c7ed)
15. [Hacking Serverless Runtimes - Blackhat2017](https://www.blackhat.com/docs/us-17/wednesday/us-17-Krug-Hacking-Severless-Runtimes.pdf)
16. [Detailed blog on ConsoleMe: A Central Control Plane for AWS Permissions and Access by Netflix](https://netflixtechblog.com/consoleme-a-central-control-plane-for-aws-permissions-and-access-fd09afdd60a8)
## Online Courses (Paid/Free)
1. [AWS Fundamentals: Address Security Risks](https://www.coursera.org/learn/aws-fundamentals-addressing-security-risk) - Coursera
@ -113,7 +115,7 @@ And don't forget to **bookmark AWS Security bulletin** for new vulenrabilities n
* 1.14 **AWS Conformance Packs:** A conformance pack is a collection of AWS Config rules and remediation actions that can be easily deployed as a single entity in an account and a Region or across an organization in AWS Organizations. [conformance packs on github](https://github.com/awslabs/aws-config-rules/tree/master/aws-config-conformance-packs)
2. [Arsenal of AWS Security Tools](https://github.com/toniblyx/my-arsenal-of-aws-security-tools) - Collection of all security category tools and products
3. [AWS Security Automation](https://github.com/awslabs/aws-security-automation) - Collection of scripts and resources for DevSecOps and Automated Incident Response Security
4. [Security Monkey](https://github.com/Netflix/security_monkey) - Monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
4. ~~[Security Monkey]~~(https://github.com/Netflix/security_monkey) - Monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
5. [truffleHog](https://github.com/dxa4481/truffleHog) - Searches through git repositories for high entropy strings and secrets, digging deep into commit history
6. [gitleaks](https://github.com/zricethezav/gitleaks) - Audit git repos for secrets
7. [AWS Security Benchmark](https://github.com/awslabs/aws-security-benchmark) - Open source demos, concept and guidance related to the AWS CIS Foundation framework.
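Review bot: the strikethrough on the replaced Security Monkey line wraps only the link text, so `~~[Security Monkey]~~(https://github.com/Netflix/security_monkey)` no longer parses as a markdown link and the URL in parentheses will render as plain text. If the intent is to mark the entry as retired, wrap the whole link: `4. ~~[Security Monkey](https://github.com/Netflix/security_monkey)~~ - Monitors AWS, GCP, OpenStack, and GitHub orgs ...`, and add a few words on why it is struck out so readers know whether to skip it.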
@ -125,9 +127,10 @@ And don't forget to **bookmark AWS Security bulletin** for new vulenrabilities n
13. [Pacu](https://github.com/RhinoSecurityLabs/pacu) - AWS Penetration Testing Toolkits
14. [Zeus](https://github.com/DenizParlak/Zeus) - AWS Auditing and Hardening tool
15. [Cloud Mapper](https://github.com/duo-labs/cloudmapper) - Analyze your AWS environments (Python)
16. [ConsoleMe](https://github.com/Netflix/consoleme) - A Central Control Plane for AWS Permissions and Access
## Security Practice and CTFs
1. [AWS Well Architected Security Labs](https://wellarchitectedlabs.com/Security/README.html)
1. [AWS Well Architected Security Labs](https://wellarchitectedlabs.com/security/)
2. [Flaws to learn common mistakes in AWS through challenge](http://flaws.cloud/)
3. [Flaws2 focuses on AWS security concepts through various challenge levels](http://flaws2.cloud/)
4. [CloudGoat](https://github.com/RhinoSecurityLabs/cloudgoat) - Vulnerable by Design AWS infrastructure setup tool
@ -135,9 +138,10 @@ And don't forget to **bookmark AWS Security bulletin** for new vulenrabilities n
6. [AWS S3 CTF Challenges with solutions](https://n0j.github.io/2017/10/02/aws-s3-ctf.html)
7. [AWS CTF with practical scenario](https://r00tz-ctf.awssecworkshops.com/)
8. [Breaking and Pwning Apps and Servers on AWS and Azure by AppSecCo](https://github.com/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training) - The training covers a multitude of scenarios taken from our vulnerability assessment, penetration testing and OSINT engagements which take the student through the journey of discovery, identification and exploitation of security weaknesses, misconfigurations and poor programming practices that can lead to complete compromise of the cloud infrastructure.
9. [AWS Workshop](https://awsworkshop.io/) - This is not exactly security part, but would be helpful to understand AWS with this workshop examples.
## AWS Security Bulleting Important Issues
1. [Container Networking Security Issue ([CVE-2020-8558](https://nvd.nist.gov/vuln/detail/CVE-2020-8558))](This issue may allow containers running on the same host, or adjacent hosts (hosts running in the same LAN or layer 2 domain), to reach TCP and UDP services bound to localhost (127.0.0.1))
1. [Container Networking Security Issue ([CVE-2020-8558])](https://nvd.nist.gov/vuln/detail/CVE-2020-8558) (This issue may allow containers running on the same host, or adjacent hosts (hosts running in the same LAN or layer 2 domain), to reach TCP and UDP services bound to localhost (127.0.0.1))
2. [Minimum Version of TLS 1.2 Required for FIPS Endpoints by March 31, 2021](https://aws.amazon.com/security/security-bulletins/AWS-2020-001/)
3. [Unencrypted md5 plaintext hash in metadata in AWS S3 Crypto SDK for golang](https://github.com/google/security-research/security/advisories/GHSA-76wf-9vgp-pj7w)
4. [CBC padding oracle issue in AWS S3 Crypto SDK for golang](https://github.com/google/security-research/security/advisories/GHSA-f5pg-7wfw-84q9) : [CVE-2020-8911](https://nvd.nist.gov/vuln/detail/CVE-2020-8911)
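Review bot: the replacement CVE-2020-8558 line still nests a bracketed label inside the link text, `[Container Networking Security Issue ([CVE-2020-8558])](https://nvd.nist.gov/vuln/detail/CVE-2020-8558)`; nested square brackets in a link label are not parsed reliably and the inner `[CVE-2020-8558]` has no destination of its own. Suggest `1. [Container Networking Security Issue (CVE-2020-8558)](https://nvd.nist.gov/vuln/detail/CVE-2020-8558) - This issue may allow containers running on the same host ...`, which also matches how item 4 in this section cites its CVE. While here, the section heading in the hunk context reads "Bulleting"; "Bulletin" would match the wording used in the file's intro line.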