Hands-On AWS Penetration Testing with Kali Linux

By Karl Gilbert , Benjamin Caudill
    What do you get with a Packt Subscription?

  • Instant access to this title and 7,500+ eBooks & Videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies
  1. Free Chapter
    Section 1: Kali Linux on AWS
About this book

The cloud is taking over the IT industry. Any organization housing a large amount of data or a large infrastructure has started moving cloud-ward — and AWS rules the roost when it comes to cloud service providers, with its closest competitor having less than half of its market share. This highlights the importance of security on the cloud, especially on AWS. While a lot has been said (and written) about how cloud environments can be secured, performing external security assessments in the form of pentests on AWS is still seen as a dark art.

This book aims to help pentesters as well as seasoned system administrators with a hands-on approach to pentesting the various cloud services provided by Amazon through AWS using Kali Linux. To make things easier for novice pentesters, the book focuses on building a practice lab and refining penetration testing with Kali Linux on the cloud. This is helpful not only for beginners but also for pentesters who want to set up a pentesting environment in their private cloud, using Kali Linux to perform a white-box assessment of their own cloud resources. Besides this, there is a lot of in-depth coverage of the large variety of AWS services that are often overlooked during a pentest — from serverless infrastructure to automated deployment pipelines.

By the end of this book, you will be able to identify possible vulnerable areas efficiently and secure your AWS cloud environment.

Publication date:
April 2019


Section 1: Kali Linux on AWS

This section is a beginner-oriented introduction to how an individual without access to a ready-made AWS environment can set up a lab to practice their pentesting skills, as well as the ways in which they may practice their skills. It also walks the reader through the process of setting up a Kali pentestbox on AWS that can be easily accessed on the go, using nothing more than a web browser.

The following chapters will be covered in this section:

  • Chapter 1, Setting Up a Pentesting Lab on AWS
  • Chapter 2, Setting Up a Kali Pentestbox on the Cloud
  • Chapter 3, Exploitation on the Cloud using Kali Linux
About the Authors
  • Karl Gilbert

    Karl Gilbert is a security researcher who has contributed to the security of some widely used open-source software. His primary interests relate to vulnerability research, 0-days, cloud security, secure DevOps, and CI/CD.

    Browse publications by this author
  • Benjamin Caudill

    Benjamin Caudill is a security researcher and founder of pentesting firm Rhino Security Labs. Built on 10+ years of offensive security experience, Benjamin directed the company with research and development as its foundation, into a key resource for high-needs clients. Benjamin has also been a major contributor to AWS security research. With co-researcher Spencer Gietzen, the two have developed Pacu (the AWS exploitation framework) and identified dozens of new attack vectors in cloud architecture. Both GCP and Azure research are expected throughout 2019. As a regular contributor to the security industry, Benjamin been featured on CNN, Wired, Washington Post, and other major media outlets.

    Browse publications by this author
Latest Reviews (3 reviews total)
Easy and intuitive, thanks!
Covers AWS services as the title says.
Very good experience. No doubt.
Hands-On AWS Penetration Testing with Kali Linux
Unlock this book and the full library FREE for 7 days
Start now