trasnlate other half

src/pentesting-cloud/aws-security/aws-post-exploitation/README.md

@@ -4,3 +4,5 @@
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.md

@@ -148,3 +148,5 @@ aws apigateway create-usage-plan-key --usage-plan-id $USAGE_PLAN --key-id $API_K
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-cloudfront-post-exploitation.md

@@ -33,3 +33,5 @@ You can check the [**tf code to recreate this scenarios here**](https://github.c
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/README.md

@@ -86,3 +86,5 @@ aws codebuild delete-source-credentials --arn <value>
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.md

@@ -190,3 +190,5 @@ aws codebuild start-build --project-name <proj-name>
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-control-tower-post-exploitation.md

@@ -22,3 +22,5 @@ aws controltower enable-control --control-identifier <arn_control_id> --target-i
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-dlm-post-exploitation.md

@@ -97,3 +97,5 @@ A template for the policy document can be seen here:
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.md

@@ -351,3 +351,5 @@ bashCopy codeaws dynamodbstreams get-records \
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/README.md

@@ -479,3 +479,5 @@ if __name__ == "__main__":
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-ebs-snapshot-dump.md

@@ -143,3 +143,5 @@ You can use this tool to automate the attack: [https://github.com/Static-Flow/Cl
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-malicious-vpc-mirror.md

@@ -17,3 +17,5 @@ For more information and access to the [**malmirror script**](https://github.com
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-ecr-post-exploitation.md

@@ -98,3 +98,5 @@ aws ecr-public batch-delete-image --repository-name your-ecr-repo-name --image-i
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-ecs-post-exploitation.md

@@ -65,3 +65,5 @@ The EC2 instance will probably also have the permission `ecr:GetAuthorizationTok
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.md

@@ -56,3 +56,5 @@ aws efs delete-access-point --access-point-id <value>
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.md

@@ -157,3 +157,5 @@ So, if an **attacker compromises a cluster using fargate** and **removes all the
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.md

@@ -82,3 +82,5 @@ aws elasticbeanstalk remove-tags --resource-arn arn:aws:elasticbeanstalk:us-west
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-iam-post-exploitation.md

@@ -105,3 +105,5 @@ A common way to avoid Confused Deputy problems is the use of a condition with `A
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-kms-post-exploitation.md

@@ -135,3 +135,5 @@ aws kms schedule-key-deletion \
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/README.md

@@ -31,3 +31,5 @@ Abusing Lambda Layers it's also possible to abuse extensions and persist in the
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/aws-warm-lambda-persistence.md

@@ -65,3 +65,5 @@ For more info check [https://github.com/carlospolop/lambda_bootstrap_switcher](h
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-lightsail-post-exploitation.md

@@ -32,3 +32,5 @@ Check out the Lightsail privesc options to learn different ways to access potent
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-organizations-post-exploitation.md

@@ -21,3 +21,5 @@ aws organizations deregister-account --account-id <account_id> --region <region>
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.md

@@ -94,3 +94,5 @@ aws rds start-export-task --export-task-identifier attacker-export-task --source
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-s3-post-exploitation.md

@@ -40,3 +40,5 @@ Finally, the attacker could upload a final file, usually named "ransom-note.txt,
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-secrets-manager-post-exploitation.md

@@ -51,3 +51,5 @@ aws secretsmanager delete-secret \
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.md

@@ -85,3 +85,5 @@ Still to test.
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.md

@@ -82,3 +82,5 @@ aws sns untag-resource --resource-arn <value> --tag-keys <key>
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.md

@@ -89,3 +89,5 @@ arduinoCopy codeaws sqs remove-permission --queue-url <value> --label <value>
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-sso-and-identitystore-post-exploitation.md

@@ -27,3 +27,5 @@ aws sso-admin delete-account-assignment --instance-arn <SSOInstanceARN> --target
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.md

@@ -76,3 +76,5 @@ aws stepfunctions untag-resource --resource-arn <value> --tag-keys <key>
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-sts-post-exploitation.md

@@ -106,3 +106,5 @@ response = client.get_secret_value(SecretId="flag_secret") print(response['Secre
 
 
 
+
+

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-vpn-post-exploitation.md

@@ -15,3 +15,5 @@ For more information:
 
 
 
+
+