CLOUD HACKING - key concepts
Virtualization
Types of cloud computing:
IaaS, PaaS, SaaS, IDaaS, FaaS, SECaaS, CaaS.
Container is a package holding components of a single application and all its dependencies, relying on virtual isolation.
Docker is the industry-leading container management platform. The Docker engine runs on various Linux distributions and on Windows Server.
Kubernetes (K8s) is an open-source container orchestration platform (developed by Google and now maintained by the Cloud Native Computing Foundation).
Docker runs on a SINGLE SYSTEM, and K8s runs across CLUSTERS.
Deployment models: public, private, community, hybrid and multi.
NIST released SP 500-292, the NIST Cloud Computing Reference Architecture.
FedRAMP (Federal Risk and Authorization Management Program) is the regulatory effort regarding cloud computing.
PCI SSC Cloud Computing Guidelines, published by the PCI Security Standards Council's Cloud Special Interest Group.
CSA (Cloud Security Alliance)
Virtualization introduces a hypervisor layer between the physical hardware and the subscribed servers. If the hypervisor is compromised, ALL IS COMPROMISED.
The Trusted Computing Model tries to resolve computer security problems through hardware and software modifications.
TCG (Trusted Computing Group) defines hardware/software specifications that solve specific security problems.
RoT (Roots of Trust) is a set of functions within the Trusted Computing Model that are always trusted by the computer’s OS.
Core Cloud Inspect offers penetration testing as a service (PenaaS) for AWS EC2.
CloudPassage Halo offers protection for servers in any combination of data centers.
Other tools:
1) Qualys Cloud Suite
2) Trend Micro's Instant-On Cloud Security
3) Panda Cloud Office Protection
Another cloud security threat: INSUFFICIENT DUE DILIGENCE.
Wrapping attack:
A SOAP message is intercepted and the data it carries is changed.
Other attacks:
1) Session riding (CSRF for cloud)
2) Side channel attack (aka Cross-guest VM breach)
3) Cloudborne attack
4) Man-in-the-cloud (MITC) attack
5) Cloud hopper attack (spear phishing campaign)
CloudGoat
Tools for container vulnerability scanning:
Trivy
Clair
Dagda
Sysdig (for Kubernetes cluster vulnerabilities)
Amazon Simple Storage Service (S3) buckets are cloud storage for files and other data from applications. S3 bucket permissions can be enumerated using the tool S3Inspector.
AWS error messages tend to help in enumerating IAM (Identity and Access Management) user names.
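The S3 permission checks an enumeration tool such as S3Inspector performs can be run from the defender's side against the bucket policy and ACL documents an account owner already holds. The following is an added example, not code from the original notes or from S3Inspector; it works on constructed sample documents in the shapes the S3 API returns and makes no AWS calls.

```python
# Added example, not from the original notes: flag bucket-policy statements and
# ACL grants that expose an S3 bucket to everyone. Inputs are constructed samples
# in the shapes GetBucketPolicy / GetBucketAcl return; no AWS calls are made.
import json

# Constructed sample policy: one world-readable statement, one scoped to a role.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
     "Action": ["s3:PutObject"], "Resource": "arn:aws:s3:::example-bucket/*"}]})

# Constructed sample ACL: owner plus a READ grant to the AllUsers group.
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"}]}

PUBLIC_GROUPS = {"http://acs.amazonaws.com/groups/global/AllUsers",
                 "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"}

def is_public_principal(principal):
    """True for Principal "*" or {"AWS": "*"} (alone or inside a list)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in (aws if isinstance(aws, list) else [aws])
    return False

def public_policy_statements(policy_json):
    """Return the action lists of Allow statements whose principal is everyone."""
    statements = json.loads(policy_json).get("Statement", [])
    statements = statements if isinstance(statements, list) else [statements]
    found = []
    for st in statements:
        if st.get("Effect") == "Allow" and is_public_principal(st.get("Principal")):
            actions = st.get("Action", [])
            found.append(actions if isinstance(actions, list) else [actions])
    return found

def public_acl_grants(acl):
    """Return (group URI, permission) for grants to AllUsers/AuthenticatedUsers."""
    return [(g["Grantee"]["URI"], g["Permission"]) for g in acl.get("Grants", [])
            if g["Grantee"].get("Type") == "Group" and g["Grantee"].get("URI") in PUBLIC_GROUPS]

if __name__ == "__main__":
    print("public policy statements:", public_policy_statements(SAMPLE_POLICY))
    print("public ACL grants:", public_acl_grants(SAMPLE_ACL))
```

A policy statement that allows everyone is only truly public when no Condition narrows it, so treat each hit as a finding to review rather than a verdict.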
Pacu is the “metasploit of the cloud”.
Other tools:
1) Dumpster Diver
2) CCAT (Cloud Container Attack Tool)
3) Dockerscan
4) AWS pwn