CLOUD PENETRATION TESTING FOR RED TEAMERS learn how to effectively pentest AWS, Azure, and GCP applications

Book Cover
Average Rating
Author
Crawley, Kim,
Published
Birmingham, UK : Packt Publishing Ltd., 2023.
Status
Available Online

Description

Get to grips with cloud exploits, learn the fundamentals of cloud security, and secure your organization's network by pentesting AWS, Azure, and GCP effectively Key Features Discover how enterprises use AWS, Azure, and GCP as well as the applications and services unique to each platform Understand the key principles of successful pentesting and its application to cloud networks, DevOps, and containerized networks (Docker and Kubernetes) Get acquainted with the penetration testing tools and security measures specific to each platform Purchase of the print or Kindle book includes a free PDF eBook Book Description With AWS, Azure, and GCP gaining prominence, mastering their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you'll explore the intricacies of cloud security testing and gain valuable insights into how pentesters and red teamers evaluate cloud environments effectively. In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set. By the end of this cloud security book, you'll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments. What you will learn Familiarize yourself with the evolution of cloud networks Navigate and secure complex environments that use more than one cloud service Conduct vulnerability assessments to identify weak points in cloud configurations Secure your cloud infrastructure by learning about common cyber attack techniques Explore various strategies to successfully counter complex cloud attacks Delve into the most common AWS, Azure, and GCP services and their applications for businesses Understand the collaboration between red teamers, cloud administrators, and other stakeholders for cloud pentesting Who this book is for This book is for pentesters, aspiring pentesters, and red team members seeking specialized skills for leading cloud platforms--AWS, Azure, and GCP. Those working in defensive security roles will also find this book useful to extend their cloud security skills.

More Details

Format
Edition
1st edition.
Language
English
ISBN
9781803248868, 1803248866

Notes

Description
Get to grips with cloud exploits, learn the fundamentals of cloud security, and secure your organization's network by pentesting AWS, Azure, and GCP effectively Key Features Discover how enterprises use AWS, Azure, and GCP as well as the applications and services unique to each platform Understand the key principles of successful pentesting and its application to cloud networks, DevOps, and containerized networks (Docker and Kubernetes) Get acquainted with the penetration testing tools and security measures specific to each platform Purchase of the print or Kindle book includes a free PDF eBook Book Description With AWS, Azure, and GCP gaining prominence, mastering their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you'll explore the intricacies of cloud security testing and gain valuable insights into how pentesters and red teamers evaluate cloud environments effectively. In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set. By the end of this cloud security book, you'll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments. What you will learn Familiarize yourself with the evolution of cloud networks Navigate and secure complex environments that use more than one cloud service Conduct vulnerability assessments to identify weak points in cloud configurations Secure your cloud infrastructure by learning about common cyber attack techniques Explore various strategies to successfully counter complex cloud attacks Delve into the most common AWS, Azure, and GCP services and their applications for businesses Understand the collaboration between red teamers, cloud administrators, and other stakeholders for cloud pentesting Who this book is for This book is for pentesters, aspiring pentesters, and red team members seeking specialized skills for leading cloud platforms--AWS, Azure, and GCP. Those working in defensive security roles will also find this book useful to extend their cloud security skills.
Local note
O'Reilly O'Reilly Online Learning: Academic/Public Library Edition

Table of Contents

Cover
Title Page
Copyright
Dedication
Contributors
Table of Contents
Preface
Part 1: Today's Cloud Networks and Their Security Implications
Chapter 1: How Do Enterprises Utilize and Implement Cloud Networks?
Cloud networks today
Hybrid cloud, all-cloud, and multi-cloud networks
All-cloud networks
Hybrid cloud networks
Multi-cloud networks
Why an organization would have a multi-cloud network
The cloud migration process
Security responsibilities in the cloud
AWS
Azure
GCP
The difference between IaaS, PaaS, and SaaS
Summary
Further reading
Chapter 2: How Are Cloud Networks Cyber Attacked?
Understanding penetration testing
External and internal attacks
External cyberattacks
Internal cyberattacks
Attacks on the confidentiality, integrity, and availability of cloud data
Confidentiality
Integrity
Availability
Understanding lateral movement in the cloud
Exploitation of remote services
Internal spearphishing
Lateral tool transfer
Remote service session hijacking
Software deployment tools
Tainted shared content
Zero-trust networks
Summary
Further reading
Chapter 3: Key Concepts for Pentesting Today's Cloud Networks
Cloud platform policies, benchmark checks, and services enumeration
Exposed services, permissions, and integrations
Exposed services
Permissions
Cloud integration
CVE, CVSS, and vulnerabilities
Vulnerabilities
The MITRE database
How do vulnerabilities get recorded in the CVE database?
Purple teaming and writing pentest reports
Purple teaming
Writing pentest reports
Summary
Further reading
Part 2: Pentesting AWS
Chapter 4: Security Features in AWS
Introduction to AWS
Frequently used AWS SaaS features
AWS IaaS features
Compute services
Storage services.
AWS PaaS features
AWS security controls and tools
Security controls
Security tools
Summary
Further reading
Chapter 5: Pentesting AWS Features through Serverless Applications and Tools
Technical requirements
How to get an AWS network
Using AWS PowerShell and the AWS CLI
Bash commands
PowerShell commands
Exploring AWS-native security tools
AWS Security Hub
Amazon Inspector
Installing and preparing AWS pentesting tools
Prowler
Pacu
Cred Scanner
CloudFrunt
Redboto
Exploiting AWS applications
Prowler
Pacu
Summary
Further reading
Chapter 6: Pentesting Containerized Applications in AWS
Technical requirements
How containerization works
How Docker works in AWS
Installing a Docker cluster in AWS with Amazon ECS
Deploying Docker with Docker Desktop
How Kubernetes works in AWS
Docker and Kubernetes pentesting techniques in AWS
Installation in Docker
Installation in Kubernetes
Summary
Further reading
Part 3: Pentesting Microsoft Azure
Chapter 7: Security Features in Azure
Introduction to Azure
Frequently used Azure SaaS applications
Azure Maps
Azure Digital Twins
Azure Monitor
Microsoft Cost Management
Azure Advisor
Network Watcher
Azure IaaS applications
Azure Virtual Machines
Azure Kubernetes Service
Azure Container Instances
Azure Dedicated Host
Azure PaaS applications
Azure SQL Database
Web Apps
Mobile Apps
Azure Logic Apps
Azure Functions
Azure security controls and tools
Security controls
Security tools
Summary
Further reading
Chapter 8: Pentesting Azure Features through Serverless Applications and Tools
Technical requirements
Setting up an Azure instance
Setting up an Azure account
Using Azure Cloud Shell and PowerShell
Azure native security tools.
Microsoft Defender
Azure pentesting tools
Prowler
MFASweep
ScoutSuite
Exploiting Azure applications
Prowler
MFASweep
ScoutSuite
Summary
Further reading
Chapter 9: Pentesting Containerized Applications in Azure
Technical requirements
How containerization works
How Docker works in Azure
How Kubernetes works in Azure
Docker and Kubernetes pentesting techniques in Azure
kube-hunter
kdigger
Summary
Further reading
Part 4: Pentesting GCP
Chapter 10: Security Features in GCP
Introduction to GCP
Frequently used GCP SaaS applications
Google Workspace
Google App Engine
Cost Management
Google Cloud app
Google Marketing Platform
GCP IaaS services
Compute Engine
Cloud Storage
Shielded VMs
Sole-tenant nodes
GCP PaaS services
Cloud SDK
Cloud SQL
Cloud Run
GKE
Anthos
GCP security controls and tools
Security controls
Security tools
Summary
Further reading
Chapter 11: Pentesting GCP Features through Serverless Applications and Tools
Technical requirements
GCP free tier
Launching a GCP network
Using GCP Cloud Shell
GCP native security tools
Exploring the GCP console
Installing GCP pentesting tools
Prowler
GCPBucketBrute
GCP Scanner
Exploiting GCP applications
Prowler
GCPBucketBrute
GCP Scanner
Summary
Further reading
Chapter 12: Pentesting Containerized Applications in GCP
Technical requirements
How containerization works
VMs
Containers
How Docker works in GCP
How Kubernetes works in GCP
Docker and Kubernetes pentesting techniques in GCP
Deploying Docker
Deploying Kubernetes
Trivy
Summary
Further reading
Chapter 13: Best Practices and Summary
Content review
Questions
Answers
Your cloud pentesting toolkit.
Cloud and pentester certifications
Cloud
Pentesting
Pentesting contracts
Pentest reports
Summary
Further reading
Index
About Packt
Other Books You May Enjoy.

Discover More

More Like This

  • Microsoft defender for cloud Cover
  • Getting started with IBM Hyper Protect Data Controller Cover
  • Threat hunting in the cloud: defending AWS, Azure and other cloud platforms against cyberattacks Cover
  • Cloud computing security: foundations and challenges Cover
  • SECURING CLOUD SERVICES;A PRAGMATIC APPROACH, SECOND EDITION Cover
  • Active Directory administration cookbook: actionable, proven solutions to identity management and authentication on servers and in the cloud Cover
  • Trust in computer systems and the cloud Cover
  • SECURITY AND PRIVACY TRENDS IN CLOUD COMPUTING AND BIG DATA Cover
  • Cyber-Vigilance and Digital Trust Cover
  • Microsoft Defender for Cloud Cookbook: Protect Multicloud and Hybrid Cloud Environments, Manage Compliance and Strengthen Security Posture Cover
  • Privacy and security challenges in cloud computing: a holistic approach Cover
  • Cloud native data security with OAuth Cover
  • Deploying a modern security data lake Cover
  • SECURING CLOUD PCs AND AZURE VIRTUAL DESKTOP: start implementing and optimizing security for Windows 365 and AVD infrastructure Cover
  • IBM Hyper protect platform: applying data protection and confidentiality in a hybrid cloud environment Cover
  • Cloud Computing Security, 2nd Edition Cover
  • Cloud security handbook: find out how to effectively secure cloud environments using AWS, Azure, and GCP Cover
  • Cyber security on Azure: an it professional's guide to Microsoft Azure security Cover
  • Audit IAM Configurations Cover
  • Practical cloud security: a guide for secure design and deployment Cover
  • AWS: security best practices on AWS : learn to secure your data, servers, and applications with AWS Cover
  • Cloud security automation: get to grips with automating your cloud security on AWS and OpenStack Cover
  • Digital Transformation and Modernization with IBM API Connect: a Practical Guide to Developing, Deploying, and Managing High-Performance and Secure Hybrid-cloud APIs Cover
  • Cloud Native Security Cover
  • HYBRID CLOUD SECURITY PATTERNS: leverage modern repeatable architecture patterns to secure your workloads on the cloud Cover

Reviews from GoodReads

Loading GoodReads Reviews.

Citations

APA Citation, 7th Edition (style guide)

Crawley, K. (2023). CLOUD PENETRATION TESTING FOR RED TEAMERS: learn how to effectively pentest AWS, Azure, and GCP applications (1st edition.). Packt Publishing Ltd..

Chicago / Turabian - Author Date Citation, 17th Edition (style guide)

Crawley, Kim. 2023. CLOUD PENETRATION TESTING FOR RED TEAMERS: Learn How to Effectively Pentest AWS, Azure, and GCP Applications. Birmingham, UK: Packt Publishing Ltd.

Chicago / Turabian - Humanities (Notes and Bibliography) Citation, 17th Edition (style guide)

Crawley, Kim. CLOUD PENETRATION TESTING FOR RED TEAMERS: Learn How to Effectively Pentest AWS, Azure, and GCP Applications Birmingham, UK: Packt Publishing Ltd, 2023.

Harvard Citation (style guide)

Crawley, K. (2023). CLOUD PENETRATION TESTING FOR RED TEAMERS: learn how to effectively pentest AWS, azure, and GCP applications. 1st edn. Birmingham, UK: Packt Publishing Ltd.

MLA Citation, 9th Edition (style guide)

Crawley, Kim. CLOUD PENETRATION TESTING FOR RED TEAMERS: Learn How to Effectively Pentest AWS, Azure, and GCP Applications 1st edition., Packt Publishing Ltd., 2023.

Note! Citations contain only title, author, edition, publisher, and year published. Citations should be used as a guideline and should be double checked for accuracy. Citation formats are based on standards as of August 2021.

Staff View

Grouped Work ID
3aa2ebb9-40e5-d968-60cb-ff87d68f611c-eng
Go To Grouped Work View in Staff Client

Grouping Information

Grouped Work ID3aa2ebb9-40e5-d968-60cb-ff87d68f611c-eng
Full titlecloud penetration testing for red teamers learn how to effectively pentest aws azure and gcp applications
Authorcrawley kim
Grouping Categorybook
Last Update2025-01-24 12:33:29PM
Last Indexed2025-05-22 03:11:38AM

Book Cover Information

Image Sourcedefault
First LoadedDec 22, 2024
Last UsedMay 15, 2025

Marc Record

First DetectedDec 16, 2024 11:27:19 PM
Last File Modification TimeDec 17, 2024 08:26:44 AM
SuppressedRecord had no items

MARC Record

LEADER10107cam a22004337a 4500
001on1407094068
003OCoLC
00520241217082456.0
006m     o  d        
007cr |n|||||||||
008231103s2023    enk     o     000 0 eng d
020 |a 9781803248868|q (electronic bk.)
020 |a 1803248866|q (electronic bk.)
035 |a (OCoLC)1407094068
037 |a 9781803248486|b O'Reilly Media
040 |a YDX|b eng|c YDX|d OCLCO|d ORMDA|d UKAHL|d OCLCF|d DXU
049 |a MAIN
050 4|a QA76.585
08204|a 004.67/82|2 23/eng/20231205
1001 |a Crawley, Kim,|e author.
24510|a CLOUD PENETRATION TESTING FOR RED TEAMERS|h [electronic resource] :|b learn how to effectively pentest AWS, Azure, and GCP applications /|c Kim Crawley.
250 |a 1st edition.
260 |a Birmingham, UK :|b Packt Publishing Ltd.,|c 2023.
300 |a 1 online resource
5050 |a Cover -- Title Page -- Copyright -- Dedication -- Contributors -- Table of Contents -- Preface -- Part 1: Today's Cloud Networks and Their Security Implications -- Chapter 1: How Do Enterprises Utilize and Implement Cloud Networks? -- Cloud networks today -- Hybrid cloud, all-cloud, and multi-cloud networks -- All-cloud networks -- Hybrid cloud networks -- Multi-cloud networks -- Why an organization would have a multi-cloud network -- The cloud migration process -- Security responsibilities in the cloud -- AWS -- Azure -- GCP -- The difference between IaaS, PaaS, and SaaS -- Summary -- Further reading -- Chapter 2: How Are Cloud Networks Cyber Attacked? -- Understanding penetration testing -- External and internal attacks -- External cyberattacks -- Internal cyberattacks -- Attacks on the confidentiality, integrity, and availability of cloud data -- Confidentiality -- Integrity -- Availability -- Understanding lateral movement in the cloud -- Exploitation of remote services -- Internal spearphishing -- Lateral tool transfer -- Remote service session hijacking -- Software deployment tools -- Tainted shared content -- Zero-trust networks -- Summary -- Further reading -- Chapter 3: Key Concepts for Pentesting Today's Cloud Networks -- Cloud platform policies, benchmark checks, and services enumeration -- Exposed services, permissions, and integrations -- Exposed services -- Permissions -- Cloud integration -- CVE, CVSS, and vulnerabilities -- Vulnerabilities -- The MITRE database -- How do vulnerabilities get recorded in the CVE database? -- Purple teaming and writing pentest reports -- Purple teaming -- Writing pentest reports -- Summary -- Further reading -- Part 2: Pentesting AWS -- Chapter 4: Security Features in AWS -- Introduction to AWS -- Frequently used AWS SaaS features -- AWS IaaS features -- Compute services -- Storage services.
5058 |a AWS PaaS features -- AWS security controls and tools -- Security controls -- Security tools -- Summary -- Further reading -- Chapter 5: Pentesting AWS Features through Serverless Applications and Tools -- Technical requirements -- How to get an AWS network -- Using AWS PowerShell and the AWS CLI -- Bash commands -- PowerShell commands -- Exploring AWS-native security tools -- AWS Security Hub -- Amazon Inspector -- Installing and preparing AWS pentesting tools -- Prowler -- Pacu -- Cred Scanner -- CloudFrunt -- Redboto -- Exploiting AWS applications -- Prowler -- Pacu -- Summary -- Further reading -- Chapter 6: Pentesting Containerized Applications in AWS -- Technical requirements -- How containerization works -- How Docker works in AWS -- Installing a Docker cluster in AWS with Amazon ECS -- Deploying Docker with Docker Desktop -- How Kubernetes works in AWS -- Docker and Kubernetes pentesting techniques in AWS -- Installation in Docker -- Installation in Kubernetes -- Summary -- Further reading -- Part 3: Pentesting Microsoft Azure -- Chapter 7: Security Features in Azure -- Introduction to Azure -- Frequently used Azure SaaS applications -- Azure Maps -- Azure Digital Twins -- Azure Monitor -- Microsoft Cost Management -- Azure Advisor -- Network Watcher -- Azure IaaS applications -- Azure Virtual Machines -- Azure Kubernetes Service -- Azure Container Instances -- Azure Dedicated Host -- Azure PaaS applications -- Azure SQL Database -- Web Apps -- Mobile Apps -- Azure Logic Apps -- Azure Functions -- Azure security controls and tools -- Security controls -- Security tools -- Summary -- Further reading -- Chapter 8: Pentesting Azure Features through Serverless Applications and Tools -- Technical requirements -- Setting up an Azure instance -- Setting up an Azure account -- Using Azure Cloud Shell and PowerShell -- Azure native security tools.
5058 |a Microsoft Defender -- Azure pentesting tools -- Prowler -- MFASweep -- ScoutSuite -- Exploiting Azure applications -- Prowler -- MFASweep -- ScoutSuite -- Summary -- Further reading -- Chapter 9: Pentesting Containerized Applications in Azure -- Technical requirements -- How containerization works -- How Docker works in Azure -- How Kubernetes works in Azure -- Docker and Kubernetes pentesting techniques in Azure -- kube-hunter -- kdigger -- Summary -- Further reading -- Part 4: Pentesting GCP -- Chapter 10: Security Features in GCP -- Introduction to GCP -- Frequently used GCP SaaS applications -- Google Workspace -- Google App Engine -- Cost Management -- Google Cloud app -- Google Marketing Platform -- GCP IaaS services -- Compute Engine -- Cloud Storage -- Shielded VMs -- Sole-tenant nodes -- GCP PaaS services -- Cloud SDK -- Cloud SQL -- Cloud Run -- GKE -- Anthos -- GCP security controls and tools -- Security controls -- Security tools -- Summary -- Further reading -- Chapter 11: Pentesting GCP Features through Serverless Applications and Tools -- Technical requirements -- GCP free tier -- Launching a GCP network -- Using GCP Cloud Shell -- GCP native security tools -- Exploring the GCP console -- Installing GCP pentesting tools -- Prowler -- GCPBucketBrute -- GCP Scanner -- Exploiting GCP applications -- Prowler -- GCPBucketBrute -- GCP Scanner -- Summary -- Further reading -- Chapter 12: Pentesting Containerized Applications in GCP -- Technical requirements -- How containerization works -- VMs -- Containers -- How Docker works in GCP -- How Kubernetes works in GCP -- Docker and Kubernetes pentesting techniques in GCP -- Deploying Docker -- Deploying Kubernetes -- Trivy -- Summary -- Further reading -- Chapter 13: Best Practices and Summary -- Content review -- Questions -- Answers -- Your cloud pentesting toolkit.
5058 |a Cloud and pentester certifications -- Cloud -- Pentesting -- Pentesting contracts -- Pentest reports -- Summary -- Further reading -- Index -- About Packt -- Other Books You May Enjoy.
520 |a Get to grips with cloud exploits, learn the fundamentals of cloud security, and secure your organization's network by pentesting AWS, Azure, and GCP effectively Key Features Discover how enterprises use AWS, Azure, and GCP as well as the applications and services unique to each platform Understand the key principles of successful pentesting and its application to cloud networks, DevOps, and containerized networks (Docker and Kubernetes) Get acquainted with the penetration testing tools and security measures specific to each platform Purchase of the print or Kindle book includes a free PDF eBook Book Description With AWS, Azure, and GCP gaining prominence, mastering their unique features, ecosystems, and penetration testing protocols has become an indispensable skill, which is precisely what this pentesting guide for cloud platforms will help you achieve. As you navigate through the chapters, you'll explore the intricacies of cloud security testing and gain valuable insights into how pentesters and red teamers evaluate cloud environments effectively. In addition to its coverage of these cloud platforms, the book also guides you through modern methodologies for testing containerization technologies such as Docker and Kubernetes, which are fast becoming staples in the cloud ecosystem. Additionally, it places extended focus on penetration testing AWS, Azure, and GCP through serverless applications and specialized tools. These sections will equip you with the tactics and tools necessary to exploit vulnerabilities specific to serverless architecture, thus providing a more rounded skill set. By the end of this cloud security book, you'll not only have a comprehensive understanding of the standard approaches to cloud penetration testing but will also be proficient in identifying and mitigating vulnerabilities that are unique to cloud environments. What you will learn Familiarize yourself with the evolution of cloud networks Navigate and secure complex environments that use more than one cloud service Conduct vulnerability assessments to identify weak points in cloud configurations Secure your cloud infrastructure by learning about common cyber attack techniques Explore various strategies to successfully counter complex cloud attacks Delve into the most common AWS, Azure, and GCP services and their applications for businesses Understand the collaboration between red teamers, cloud administrators, and other stakeholders for cloud pentesting Who this book is for This book is for pentesters, aspiring pentesters, and red team members seeking specialized skills for leading cloud platforms--AWS, Azure, and GCP. Those working in defensive security roles will also find this book useful to extend their cloud security skills.
590 |a O'Reilly|b O'Reilly Online Learning: Academic/Public Library Edition
650 0|a Cloud computing|x Security measures.
650 0|a Cloud computing|x Testing.
650 0|a Computer security.|9 65527
77608|i Print version:|z 1803248483|z 9781803248486|w (OCoLC)1393077152
85640|u https://library.access.arlingtonva.us/login?url=https://learning.oreilly.com/library/view/~/9781803248486/?ar|x O'Reilly|z eBook
938 |a Askews and Holts Library Services|b ASKH|n AH41898030
938 |a YBP Library Services|b YANK|n 305792952
994 |a 92|b VIA
999 |c 360017|d 360017