aeline Posted November 7, 2022 Share Posted November 7, 2022 Looking for some CTF style challenges around cloud infrastructure. I see CI/CDONT: https://github.com/Hacking-the-Cloud/htc-ctfs/tree/main/aws/cicdont Was wondering if anyone knew any others. 1 Link to comment Share on other sites More sharing options...
clarkee Posted November 7, 2022 Share Posted November 7, 2022 https://www.brokenazure.cloud/ looks kinda cool 1 Link to comment Share on other sites More sharing options...
NeonPayload Posted November 9, 2022 Share Posted November 9, 2022 I know sparceflow did a pretty good book on attacking the cloud. https://www.amazon.com/Hack-Like-Ghost-Sparc-Flow-ebook/dp/B08FH9SQNG I haven't read it in awhile though. 1 Link to comment Share on other sites More sharing options...
vict0ni Posted November 11, 2022 Share Posted November 11, 2022 I liked this one http://flaws.cloud/. Still haven't gone through the whole thing, but it's the first one I encountered and kinda made want to learn more about cloud security Link to comment Share on other sites More sharing options...
DrDisexon Posted November 11, 2022 Share Posted November 11, 2022 A year ago, I was doing penetration testing for cloud and I have to prepare checklist and learn cloud testing. Below are the resource I found out to be useful. http://flaws.cloud/ http://flaws2.cloud/ https://github.com/ine-labs/AWSGoat https://github.com/RhinoSecurityLabs/cloudgoat https://hackingthe.cloud/aws/general-knowledge/assume_role_logic/ The above are the one I have tried so far, but you can take the below reference https://github.com/4ndersonLin/awesome-cloud-security 3 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now