TerraGoat - Vulnerable Terraform Infrastructure

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction TerraGoat was built to enable DevSecOps design and implement a...

IAM Vulnerable - Use Terraform To Create Your Own Vulnerable By Design AWS IAM Privilege Escalation Playground

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground. IAM Vulnerable uses the Terraform binary and your AWS credentials to deploy over 250 IAM resources into your selected AWS account. Within minutes, you can start learning how to identify and exploit...

[SECURITY] Fedora 35 Update: python-botocore-1.22.7-1.fc35

A low-level interface to a growing number of Amazon Web Services. The botocore package is the foundation for the AWS CLI as well as boto3...

openSUSE: Security Advisory for aws-cli, (openSUSE-SU-2021:1206-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE 15 Security Update : aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (openSUSE-SU-2021:1206-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1206-1 advisory. - urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control...

openSUSE: Security Advisory for aws-cli, (openSUSE-SU-2021:2817-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2021:2817-1 Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3

This patch updates the Python AWS SDK stack in SLE 15: General: aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all change...

SUSE-SU-2021:2817-1 Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3

This patch updates the Python AWS SDK stack in SLE 15: General: aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all change...

Reddit: S3 bucket Upload on studio.redditinc.com (s3-r-w.ap-east-1.amazonaws.com)

Greetings team, Found a s3 bucket that belongs to studio.redditinc.com and properly not configured. bucket name:- s3-r-w.ap-east-1.amazonaws.com Bucket Source:-studio.redditinc.com Steps To reproduce:- In terminal , " dig studio.redditinc.com " will get the CNAME as d326d3e45wj426.cloudfront.net...

AWS Pen-Testing Laboratory - Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet

PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard VPN. Vulnerable instances in a private subnet. NOTE: Ids only defined for region "eu-west-1" For other regions, kali ami id must be specified and metasploitable3 id after...

SUSE-RU-2021:2194-1 Recommended update for the Azure and AWS SDKs

This update for the SLE Public Cloud module provides the following fixes: Azure SDK update: This update for the Azure SDK and CLI adds support for the AHB Azure Hybrid Benefit. bsc1176784, jscECO-3105 AWS SDK update: This update for the AWS SDK updates python-boto3 to version 1.17.9 and aws-cli t...

SUSE: Security Advisory (SUSE-SU-2020:0251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

U.S. Dept Of Defense: S3 bucket listing/download

It's possible to get a listing and download every file in the S3 bucket ██████████ and ███████ . Supporting Material/References https://hackerone.com/reports/278191 Impact An attacker can download files that are not intended to be public, both buckets are very big. An attacker can increase...

Command Injection in quobject/aws-cli-js

Overview The issue occurs because a user input is formatted inside a command that will be executed without any check. The issue arises here. Proof of Concept Credit: Mik317 1. Create the following PoC file: js // poc.js var awsCli = require"aws-cli-js"; var Options = awsCli.Options; var Aws =...

U.S. Dept Of Defense: No ACL on S3 Bucket in [https://www.██████████/]

Summary: Hi team!, i was able to move and download all file in s3 bucket that's under ████ control cuz it didn't has ACL Step-by-step Reproduction Instructions first we will try to access all files via browser by go to this s3.amazonaws.com/files.████████ Now We Will try to download all files on...

SUSE-SU-2020:0251-1 Security update for aws-cli

This update for aws-cli to version 1.16.297 fixes the following issues: Security issue fixed: - CVE-2018-15869: Fixed an permission handling issue where an unexpected AMI could potentially be used bsc1105988. Non-security issues fixed: - Fixed an issue with the CLI client, where a...

Rock-ON - An All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name And Do All Of The Work Alone

Rock-On is a all in one recon tool that will help your Recon process give a boost. It is mainley aimed to automate the whole process of recon and save the time that is being wasted in doing all this stuffs manually. A thorough blog will be up in sometime. Stay tuned for the Stable version with a...

CVE-2018-15869

An Amazon Web Services AWS developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image A...

Scout2 - Security Auditing Tool For AWS Environments

Scout2 is a security tool that lets AWS administrators assess their environment's security posture. Using the AWS API, Scout2 gathers configuration data for manual inspection and highlights high-risk areas automatically. Rather than pouring through dozens of pages on the web, Scout2 supplies a...

CloudMapper - Tool To Analyze Your Amazon Web Services (AWS) Environments

CloudMapper helps you analyze your Amazon Web Services AWS environments. The original purpose was to generate network diagrams and display them in your browser. It now contains more functionality. Demo:https://duo-labs.github.io/cloudmapper/ Intro...