Hands-On AWS Penetration Testing with Kali Linux: Set-up a virtual lab and pentest major AWS services such as EC2, S3, Lambda, CloudFormation, and more

Identify tools and techniques to secure and perform a penetration test on an AWS infrastructure using Kali LinuxAbout This Book* Learn not only to cover loopholes but also automate security monitoring and alerting within your cloud-based deployment pipelines* Efficiently perform penetration testing techniques on your public cloud instances* A step-by-step guide that will help you leverage the most widely used security platform to secure your AWS-cloud environment.Who This Book Is ForIf you are a security analyst or a penetration tester who is interested in exploiting Cloud environment to find out vulnerable areas an securing them, then this book is for you.Basic understanding of penetration testing, cloud computing, and its security concepts would be needed.What You Will Learn* Guide a penetration tester through the process of enumerating and Pentesting the most common external facing AWS services.* Guide a system administrator through the process of auditing his own infrastructure and identify flaws, weaknesses, and loopholes.* Demonstrate the process of lateral and vertical movement through a partially compromised AWS account.* Demonstrate the process of maintaining stealth and persistence within a compromised AWS account.* Providing a hands-on approach accompanied by process-based examples for all of the above.* Highlight a number of automated tools that would ease the process of continuously assessing and improving the security stance of an AWS infrastructureIn DetailThe cloud is taking over the Information Technology industry. Any organization that is housing a large amount of data or infrastructure has started moving cloud-ward – and AWS rules the roost when it comes to Cloud Service providers with the closest competitor having less than half of its market share. This brings to light the importance of security on the cloud, especially on AWS. While a lot has been said (and written) about how cloud environments can be secured, performing external security assessments a la penetration tests on AWS still falls into the category of dark arts.This book aims to help the pentesters as well as seasoned system administrators with a hands-on approach to penetration testing of the various cloud-services provided by Amazon through AWS using Kali Linux. To make things easier for novice penetration testers, the book focuses on building a practice lab and polishing penetration testing with Kali Linux on the cloud. This is not only helpful for beginners but also for a pentester who would want to set up a Pentesting environment in his private cloud, using Kali Linux, to perform a white-box assessment of his own cloud resources. Besides this, there is a lot of in-depth coverage of the large variety of AWS services that are often overlooked during a pentest – from serverless to automated deployment pipelines.By the end of this book, you will be able to identify possible vulnerable areas efficiently securing your AWS-cloud environment.