GitBook: [master] 5 pages modified

SUMMARY.md

@@ -374,32 +374,10 @@
 * [XSSI \(Cross-Site Script Inclusion\)](pentesting-web/xssi-cross-site-script-inclusion.md)
 * [XS-Search](pentesting-web/xs-search.md)
 
-## Physical attacks
+## Cloud Security
 
-* [Physical Attacks](physical-attacks/physical-attacks.md)
-* [Escaping from KIOSKs](physical-attacks/escaping-from-gui-applications/README.md)
-  * [Show file extensions](physical-attacks/escaping-from-gui-applications/show-file-extensions.md)
-
-## Reversing
-
-* [Common API used in Malware](reversing/common-api-used-in-malware.md)
-* [Reversing Tools](reversing/reversing-tools/README.md)
-  * [Blobrunner](reversing/reversing-tools/blobrunner.md)
-* [Cryptographic/Compression Algorithms](reversing/cryptographic-algorithms/README.md)
-  * [Unpacking binaries](reversing/cryptographic-algorithms/unpacking-binaries.md)
-* [Word Macros](reversing/word-macros.md)
-
-## Exploiting
-
-* [Linux Exploiting \(Basic\) \(SPA\)](exploiting/linux-exploiting-basic-esp/README.md)
-  * [ROP - Syscall execv](exploiting/linux-exploiting-basic-esp/rop-syscall-execv.md)
-  * [ROP - Leaking LIBC address](exploiting/linux-exploiting-basic-esp/rop-leaking-libc-address.md)
-  * [Bypassing Canary & PIE](exploiting/linux-exploiting-basic-esp/bypassing-canary-and-pie.md)
-  * [Ret2Lib](exploiting/linux-exploiting-basic-esp/ret2lib.md)
-  * [Fusion](exploiting/linux-exploiting-basic-esp/fusion.md)
-* [Exploiting Tools](exploiting/tools/README.md)
-  * [PwnTools](exploiting/tools/pwntools.md)
-* [Windows Exploiting \(Basic Guide - OSCP lvl\)](exploiting/windows-exploiting-basic-guide-oscp-lvl.md)
+* [Cloud security review](cloud-security/cloud-security-review.md)
+* [AWS Security](cloud-security/aws-security.md)
 
 ## Forensics
 
@@ -427,6 +405,33 @@
   * [PNG tricks](forensics/basic-forensics-esp/png-tricks.md)
   * [ZIPs tricks](forensics/basic-forensics-esp/zips-tricks.md)
 
+## Physical attacks
+
+* [Physical Attacks](physical-attacks/physical-attacks.md)
+* [Escaping from KIOSKs](physical-attacks/escaping-from-gui-applications/README.md)
+  * [Show file extensions](physical-attacks/escaping-from-gui-applications/show-file-extensions.md)
+
+## Reversing
+
+* [Common API used in Malware](reversing/common-api-used-in-malware.md)
+* [Reversing Tools](reversing/reversing-tools/README.md)
+  * [Blobrunner](reversing/reversing-tools/blobrunner.md)
+* [Cryptographic/Compression Algorithms](reversing/cryptographic-algorithms/README.md)
+  * [Unpacking binaries](reversing/cryptographic-algorithms/unpacking-binaries.md)
+* [Word Macros](reversing/word-macros.md)
+
+## Exploiting
+
+* [Linux Exploiting \(Basic\) \(SPA\)](exploiting/linux-exploiting-basic-esp/README.md)
+  * [ROP - Syscall execv](exploiting/linux-exploiting-basic-esp/rop-syscall-execv.md)
+  * [ROP - Leaking LIBC address](exploiting/linux-exploiting-basic-esp/rop-leaking-libc-address.md)
+  * [Bypassing Canary & PIE](exploiting/linux-exploiting-basic-esp/bypassing-canary-and-pie.md)
+  * [Ret2Lib](exploiting/linux-exploiting-basic-esp/ret2lib.md)
+  * [Fusion](exploiting/linux-exploiting-basic-esp/fusion.md)
+* [Exploiting Tools](exploiting/tools/README.md)
+  * [PwnTools](exploiting/tools/pwntools.md)
+* [Windows Exploiting \(Basic Guide - OSCP lvl\)](exploiting/windows-exploiting-basic-guide-oscp-lvl.md)
+
 ## Crypto
 
 * [Certificates](crypto/certificates.md)
@@ -471,7 +476,6 @@
 * [Other Web Tricks](other-web-tricks.md)
 * [Interesting HTTP](interesting-http.md)
 * [Emails Vulnerabilities](emails-vulns.md)
-* [Cloud security review](cloud-security-review.md)
 * [Android Forensics](android-forensics.md)
 * [TR-069](tr-069.md)
 * [6881/udp - Pentesting BitTorrent](6881-udp-pentesting-bittorrent.md)
@@ -483,5 +487,4 @@
 * [Online Platforms with API](online-platforms-with-api.md)
 * [Reset/Forgoten Password Bypass](reset-password.md)
 * [Stealing Sensitive Information Disclosure from a Web](stealing-sensitive-information-disclosure-from-a-web.md)
-* [AWS Security](aws-security.md)
 

cloud-security/aws-security.md

@@ -370,17 +370,17 @@ Logs are saved in an S3 bucket. By default Server Side Encryption is used \(SSE-
 
 ### Log File Naing Convention
 
-![](.gitbook/assets/image%20%28253%29.png)
+![](../.gitbook/assets/image%20%28253%29.png)
 
 ### S3 folder structure
 
-![](.gitbook/assets/image%20%28430%29.png)
+![](../.gitbook/assets/image%20%28430%29.png)
 
 Note that the folders "_AWSLogs_" and "_CloudTrail_" are fixed folder names,
 
 **Digest** files have a similar folders path:
 
-![](.gitbook/assets/image%20%28438%29.png)
+![](../.gitbook/assets/image%20%28438%29.png)
 
 ### Aggregate Logs from Multiple Accounts
 
@@ -410,7 +410,7 @@ Note that in order to allow CloudTrail to send the logs to CloudWatch a **role**
 
 CloudTrail Event History allows you to inspect in a table the logs that have been recorded:
 
-![](.gitbook/assets/image%20%28431%29.png)
+![](../.gitbook/assets/image%20%28431%29.png)
 
 ### Insights
 
@@ -695,9 +695,9 @@ Limitations:
 
 For every network interface that publishes data to the CloudWatch log group, it will use a different log stream. And within each of these streams, there will be the flow log event data that shows the content of the log entries. Each of these **logs captures data during a window of approximately 10 to 15 minutes**.
 
-![](.gitbook/assets/image%20%28432%29.png)
+![](../.gitbook/assets/image%20%28432%29.png)
 
-![](.gitbook/assets/image%20%28433%29.png)
+![](../.gitbook/assets/image%20%28433%29.png)
 
 ### Subnets
 

cloud-security/cloud-security-review.md

@@ -79,16 +79,16 @@ azscan #Run, login before with `az login`
 * Check for a **high number of Global Admin** \(between 2-4 are recommended\). Access it on: [https://portal.azure.com/\#blade/Microsoft\_AAD\_IAM/ActiveDirectoryMenuBlade/Overview](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview)
 * Global admins should have MFA activated. Go to Users and click on Multi-Factor Authentication button.
 
-![](.gitbook/assets/image%20%28281%29.png)
+![](../.gitbook/assets/image%20%28281%29.png)
 
 * Dedicated admin account shouldn't have mailboxes \(they can only have mailboxes if they have Office 365\).
 * Local AD shouldn't be sync with Azure AD if not needed\([https://portal.azure.com/\#blade/Microsoft\_AAD\_IAM/ActiveDirectoryMenuBlade/AzureADConnect](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/AzureADConnect)\). And if synced Password Hash Sync should be enabled for reliability. In this case it's disabled:
 
-![](.gitbook/assets/image%20%2852%29.png)
+![](../.gitbook/assets/image%20%2852%29.png)
 
 * **Global Administrators** shouldn't be synced from a local AD. Check if Global Administrators emails uses the domain **onmicrosoft.com**. If not, check the source of the user, the source should be Azure Active Directory, if it comes from Windows Server AD, then report it.
 
-![](.gitbook/assets/image%20%2889%29.png)
+![](../.gitbook/assets/image%20%2889%29.png)
 
 * **Standard tier** is recommended instead of free tier \(see the tier being used in _Pricing & Settings_ or in [https://portal.azure.com/\#blade/Microsoft\_Azure\_Security/SecurityMenuBlade/24](https://portal.azure.com/#blade/Microsoft_Azure_Security/SecurityMenuBlade/24)\)
 * **Periodic SQL servers scans**: 
  _Select the SQL server_ --> _Make sure that 'Advanced data security' is set to 'On'_ --> _Under 'Vulnerability assessment settings', set 'Periodic recurring scans' to 'On', and configure a storage account for storing vulnerability assessment scan results_ --> _Click Save_