gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-01-07 02:03:45 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update URLs

Browse Source
This commit is contained in:
Jimmy
2025-01-10 16:34:21 +01:00
parent 37bf365f5b
commit 833b571498
35 changed files with 51 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/pentesting-cloud/aws-security/README.md
View File

@@ -37,7 +37,7 @@ From a Red Team point of view, the **first step to compromise an AWS environment
- **Social** Engineering
- **Password** reuse (password leaks)
- Vulnerabilities in AWS-Hosted Applications
- [**Server Side Request Forgery**](https://book.hacktricks.xyz/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf) with access to metadata endpoint
- [**Server Side Request Forgery**](https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html) with access to metadata endpoint
- **Local File Read**
- `/home/USERNAME/.aws/credentials`
- `C:\Users\USERNAME\.aws\credentials`
@@ -67,7 +67,7 @@ aws-permissions-for-a-pentest.md
If you found a SSRF in a machine inside AWS check this page for tricks:
{{#ref}}
https://book.hacktricks.xyz/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf
https://book.hacktricks.wiki/en/pentesting-web/ssrf-server-side-request-forgery/cloud-ssrf.html
{{#endref}}
### Whoami
@@ -147,7 +147,7 @@ As pentester/red teamer you should always check if you can find **sensitive info
In this book you should find **information** about how to find **exposed AWS services and how to check them**. About how to find **vulnerabilities in exposed network services** I would recommend you to **search** for the specific **service** in:
{{#ref}}
https://book.hacktricks.xyz/
https://book.hacktricks.wiki/
{{#endref}}
## Compromising the Organization