# Additional References

This section contains links for additional reading that are relevant to the training.

## General

* [AWS Cloud Adoption Framework Security](https://d0.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf)
* [AWS Security Best Practices](https://aws.amazon.com/whitepapers/aws-security-best-practices/)
* [Building a cloud specific incident response plan for AWS](https://aws.amazon.com/blogs/publicsector/building-a-cloud-specific-incident-response-plan/)
* [Guidelines for Evidence Collection and Archiving](https://www.ietf.org/rfc/rfc3227.txt)
* [CSA CCSK Certification](https://cloudsecurityalliance.org/education/ccsk/#_overview)
* [CSA Cloud Controls Matrix (download)](https://cloudsecurityalliance.org/artifacts/csa-ccm-v-3-0-1-11-12-2018-FINAL/)
* [AWS Security Specialty learning path](https://aws.amazon.com/training/paths-specialty/)
* [Guidelines on Security and Privacy in Public Cloud Computing](https://nvlpubs.nist.gov/nistpubs/legacy/sp/nistspecialpublication800-144.pdf)
* [Cloud computing NIST Security Reference Architecture](https://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/CloudSecurity/NIST_Security_Reference_Architecture_2013.05.15_v1.0.pdf)
* [OWASP Cloud Security Project](https://www.owasp.org/index.php/OWASP_Cloud_Security_Project)
* [AWS exploitation framework](https://github.com/RhinoSecurityLabs/pacu)
* [AWS privilege escalation methods implemented in Pacu](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/)
* [Using Burp to brute force a login page](https://support.portswigger.net/customer/portal/articles/1964020-using-burp-to-brute-force-a-login-page)
* [Using hydra to brute force a HTML form](https://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-online-web-form-passwords-with-thc-hydra-burp-suite-0160643/)
* [Cloud Security Suite](https://github.com/SecurityFTW/cs-suite)
* [7 common pitfalls when moving to the cloud](https://www.hackerone.com/blog/7-Common-Security-Pitfalls-Avoid-When-Migrating-Cloud)
* [Subdomain takeover on Starbucks](https://hackerone.com/reports/325336)
* [Accenture S3 data leak](https://www.upguard.com/breaches/cloud-leak-accenture)

## AWS

* [AWS in Plain English](https://www.expeditedssl.com/aws-in-plain-english)
* [Amazon Web Services - a practical guide](https://github.com/open-guides/og-aws)
* [AWS CIS Benchmarks](https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf)
* [AWS Security Primer](https://cloudonaut.io/aws-security-primer/)
* [Security auditing tool for AWS environments](https://github.com/nccgroup/Scout2)
* [Prowler: AWS CIS Benchmark Tool](https://github.com/toniblyx/prowler)
* [Nimbostratus - Tools for fingerprinting and exploiting AWS](https://andresriancho.github.io/nimbostratus/)
* [Aardvark is a multi-account AWS IAM Access Advisor API](https://github.com/Netflix-Skunkworks/aardvark)
* [Security Monkey](https://github.com/Netflix/security_monkey)
* [CloudSploit Scans](https://github.com/cloudsploit/scans)
* [System Shock: How A Cloud Leak Exposed Accenture's Business](https://www.upguard.com/breaches/cloud-leak-accenture)
* [Fullstop - Audit reporting](https://github.com/zalando-stups/fullstop)
* [Getting shell and data access in AWS by chaining vulnerabilities](https://blog.appsecco.com/getting-shell-and-data-access-in-aws-by-chaining-vulnerabilities-7630fa57c7ed)
* [Getting started with Version 2 of AWS EC2 Instance Metadata service (IMDSv2)](https://blog.appsecco.com/getting-started-with-version-2-of-aws-ec2-instance-metadata-service-imdsv2-2ad03a1f3650)
* [Server Side Request Forgery (SSRF) and AWS EC2 instances after Instance Meta Data Service version 2 (IMDSv2)](https://blog.appsecco.com/server-side-request-forgery-ssrf-and-aws-ec2-instances-after-instance-meta-data-service-version-38fc1ba1a28a)
* [An SSRF, privileged AWS keys and the Capital One breach](https://blog.appsecco.com/an-ssrf-privileged-aws-keys-and-the-capital-one-breach-4c3c2cded3af)
* [Server Side Request Forgery via HTML injection in PDF download](https://blog.appsecco.com/server-side-request-forgery-via-html-injection-in-pdf-download-90ee4053e911)
* [Abusing the AWS metadata service using SSRF vulnerabilities](https://blog.christophetd.fr/abusing-aws-metadata-service-using-ssrf-vulnerabilities/)
* [AWS Vulnerabilities and the Attacker's Perspective](https://rhinosecuritylabs.com/cloud-security/aws-security-vulnerabilities-perspective/)
* [Pivoting in Amazon Clouds](https://www.blackhat.com/docs/us-14/materials/us-14-Riancho-Pivoting-In-Amazon-Clouds-WP.pdf)
* [Security Tools for AWS](https://gist.github.com/markofu/549fbd287edf08c38e869dacc740e49d)
* <https://github.com/nccgroup/PMapper>
* <https://github.com/nccgroup/aws-inventory>
* <https://yashvier.app.box.com/v/boostawssecurity>
* [AWS changes its PenTesting permission requirement, Appsecco found out exactly what is allowed and what is not](https://blog.appsecco.com/aws-changes-its-pentesting-permission-requirement-appsecco-found-out-exactly-what-is-allowed-and-b3603b85de7)

## Google

* [Google Cloud Service Accounts](https://cloud.google.com/iam/docs/service-accounts)
* [Using OAuth 2.0 for Server to Server Applications](https://developers.google.com/identity/protocols/oauth2/service-account)
* [5 important security settings you need to review for your GKE clusters](https://kloudle.com/academy/5-important-security-settings-you-need-to-review-for-your-gke-clusters)
* [Google Security Command Center](https://cloud.google.com/security-command-center/docs)
* [Security & Privacy of Google Cloud Storage](https://cloud.google.com/storage/docs/gsutil/addlhelp/SecurityandPrivacyConsiderations)
* [Escalating privileges in Google Cloud, from app to cloud access](https://kloudle.com/academy/escalating-privileges-in-google-cloud-from-app-to-cloud-access)
* [Understanding common Google Cloud misconfigurations using GCP Goat](https://kloudle.com/academy/understanding-common-google-cloud-misconfigurations-using-gcp-goat)
* [5 ways to connect to your GCP VM instances using SSH](https://kloudle.com/academy/5-ways-to-connect-to-your-gcp-vm-instances-using-ssh)
* [Security Overview](https://cloud.google.com/kubernetes-engine/docs/concepts/security-overview)
* [Harden your cluster's security](https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster)
* [Google Kubernetes Engine Audit policy](https://cloud.google.com/kubernetes-engine/docs/concepts/audit-policy)
* [GKE shared responsibility](https://cloud.google.com/kubernetes-engine/docs/concepts/shared-responsibility)
* [Mitigating security incidents](https://cloud.google.com/kubernetes-engine/docs/how-to/security-mitigations)
* [Encrypt workload data in-use with Confidential Google Kubernetes Engine Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes)
* [Automatically scan workloads for configuration issues](https://cloud.google.com/kubernetes-engine/docs/how-to/protect-workload-configuration)
* [GCP Cloud & Container Security Best Practices](https://sysdig.com/learn-cloud-native/cloud-security/gcp-security/)
* [Allowing IAM users to access AWS EKS using kubectl](https://kloudle.com/academy/allowing-iam-users-to-access-aws-eks-using-kubectl)

## Serverless

* [Serverless Framework Documentation](https://serverless.com/framework/docs/)
* [AWS SDK for Javascript](https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/)
* [GCP JavaScript API Documentation](https://cloud.google.com/compute/docs/tutorials/javascript-guide)
* [Intrusion and Exfiltration in Server-less Architectures](https://www.youtube.com/watch?v=YZ058hmLuv0)
* [Serverless Architecture](https://github.com/showcases/serverless-architecture)
* [Serverless Technologies](https://thenewstack.io/guide-serverless-technologies-functions-backends-service/)
* [Awesome Serverless](https://github.com/anaibol/awesome-serverless)
* [Security related books from Appsecco](https://appsecco.com/books/)
* [Appsecco blog](https://blog.appsecco.com/)

