相关文章
相关工具
- NotSoSecure/cloud-service-enum - 枚举各家云服务敏感信息的脚本
相关工具
- iiiusky/alicloud-tools - 阿里云 ECS、策略组辅助小工具
- mrknow001/aliyun-accesskey-Tools
相关案例
案例
相关工具
Linux
# 卸载阿里云盾监控
if ps aux | grep -i '[a]liyun'; then
wget http://update.aegis.aliyun.com/download/uninstall.sh && chmod +x uninstall.sh && ./uninstall.sh
wget http://update.aegis.aliyun.com/download/quartz_uninstall.sh && chmod +x quartz_uninstall.sh && ./quartz_uninstall.sh
# 删除残留
sudo pkill aliyun-service
sudo rm -fr /etc/init.d/agentwatch /usr/sbin/aliyun-service
sudo rm -rf /usr/local/aegis*
systemctl stop aliyun.service
systemctl disable aliyun.service
fi
# 屏蔽云盾 IP,用包过滤屏蔽如下 IP
iptables -I INPUT -s 140.205.201.0/28 -j DROP
iptables -I INPUT -s 140.205.201.16/29 -j DROP
iptables -I INPUT -s 140.205.201.32/28 -j DROP
iptables -I INPUT -s 140.205.225.192/29 -j DROP
iptables -I INPUT -s 140.205.225.200/30 -j DROP
iptables -I INPUT -s 140.205.225.184/29 -j DROP
iptables -I INPUT -s 140.205.225.183/32 -j DROP
iptables -I INPUT -s 140.205.225.206/32 -j DROP
iptables -I INPUT -s 140.205.225.205/32 -j DROP
service iptables save
service iptables restart
# 卸载云监控 Java 版本插件
sudo /usr/local/cloudmonitor/wrapper/bin/cloudmonitor.sh stop
sudo /usr/local/cloudmonitor/wrapper/bin/cloudmonitor.sh remove
sudo rm -rf /usr/local/cloudmonitor
# 检查阿里云盾是否卸载干净
ps -aux | grep -E 'aliyun|AliYunDun' | grep -v grepWindows 主机
http://update.aegis.aliyun.com/download/uninstall.bat文章
相关工具
- toniblyx/prowler - 用于 AWS 的实践评估,审计,强化和取证准备工具的命令行工具
- RhinoSecurityLabs/pacu - 开源的 AWS 利用框架
- arkadiyt/aws_public_ips - 获取与 AWS 账户相关的所有公共 IP 地址.
- BishopFox/smogcloud - 查找拥有的暴露的AWS云资产
资源
- AWS-related penetration testing scripts, tools and Cheatsheets - 与 AWS 相关的渗透测试脚本,工具和备忘单
文章
- How security researchers discover open Amazon S3 servers
- Blog, Whats in Amazon's buckets? - DigiNinja
- Bucket Finder - DigiNinja
- PayloadsAllTheThings/AWS Amazon Bucket S3
- 使用Python批量扫描Amazon S3 Bucket配置问题
案例
- #189023 S3 ACL misconfiguration
- #229690 Amazon S3 bucket misconfiguration (share)
- #172549 Possible Blind Writing to S3 Bucket
- #209223 Open S3 Bucket WriteAble To Any Aws User
- #129381 niche s3 buckets are readable/writeable/deleteable by authorized AWS users
工具
- gwen001/s3-buckets-finder
- brianwarehime/inSp3ctor - AWS S3 存储桶/对象查找器
- eth0izzle/bucket-stream - 通过查看证书透明性日志查找有趣的 S3 存储桶。
- jordanpotti/AWSBucketDump - 在 S3 存储桶中查找有趣文件的安全工具
- ankane/s3tk - Amazon S3 的安全工具包
- 0xSearches/sandcastle - 适用于 AWS S3 存储桶枚举的 Python 脚本。
- hahwul/s3reverse - 将 s3 bucket 格式转换为各种格式
Azure AD
Linux主机
if ps aux | grep -i '[y]unjing'; then # 屏蔽腾讯云镜
/usr/local/qcloud/stargate/admin/uninstall.sh
/usr/local/qcloud/YunJing/uninst.sh
/usr/local/qcloud/monitor/barad/admin/uninstall.sh
fi
rm -rf /usr/local/qcloud/
rm -rf /usr/local/sa/
rm -rf /usr/local/agenttoolsWindows主机
程序安装路径是C:\Program Files\QCloud\Stargate和C:\Program Files\QCloud\Monitor
双击目录里面的 uninstall 脚本进行卸载service bcm-agent stop
yum remove bcm-agent -y
apt-get remove bcm-agent -
资源
- puresec/awesome-serverless-security - serverless 安全相关的资源合集
- OWASP/Serverless-Top-10-Project - OWASP serverless TOP10
文章
- serverless - 介绍了什么是 Serverless
- puresec/sas-top-10 - 对 OWASP TOP10 的一篇详细的概括
- The Test Labs
- Securing Lambda Functions
- A Deep Dive into Serverless Attacks, SLS | Protego
靶场
- OWASP/Serverless-Goat - OWASP 的 Serverless 靶场
- OWASP ServerlessGoat - Vulnerable Serverless Application - 是上面靶场的在线版
- Lambda Shell - 一个在线的靶机
- OWASP/DVSA: a Damn Vulnerable Serverless Application - 一个 Serverless 靶场