Cloud Hacking
Jump to navigation
Jump to search
Amazon - AWS
Microsoft - Azure
- https://hackingthe.cloud/azure/abusing-managed-identities
- https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html
- https://blog.xpnsec.com/azuread-connect-for-redteam
- AAD Connect Cloud Sync: as local admin impersonate or retrieve managed password of the provagentgMSA account to dcsync.
- https://www.blackhillsinfosec.com/webcast-getting-started-in-pentesting-the-cloud-azure
- https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/Azure.md
- https://bloodhound.readthedocs.io/en/latest/data-collection/azurehound.html
Microsoft Office 365 - o365
- Extremely in-depth technical info on everything https://o365blog.com
Google Cloud Platform - GCP
- https://cloud.hacktricks.xyz/pentesting-cloud/gcp-security
- https://hackingthe.cloud/gcp/general-knowledge/client-credential-search-order
Cloud Hacking Tools
- https://github.com/nyxgeek/o365recon - Retrieve information via O365 and AzureAD with a valid cred
- https://github.com/dirkjanm/ROADtools - A collection of Azure AD tools for offensive and defensive security purposes
- https://github.com/fox-it/adconnectdump - Dump Azure AD Connect credentials for Azure AD and Active Directory
- https://github.com/LMGsec/o365creeper - Python script that performs e-mail address validation against Office 365 without submitting login attempts.
- https://github.com/rvrsh3ll/TokenTactics - Azure JWT Token Manipulation Toolset
- https://github.com/nyxgeek/onedrive_user_enum - OneDrive user enumeration - pentest tool to enumerate valid o365 users
- https://github.com/dafthack/MSOLSpray - A password spraying tool for Microsoft Online accounts (Azure/O365)
- https://github.com/dafthack/MFASweep - A tool for checking if MFA is enabled on multiple Microsoft Services