cloud-security


Cloud Security Assessment

This skill enables comprehensive security testing of AWS, Azure, and GCP cloud environments using industry-standard tools like ScoutSuite, Prowler, and CloudSploit. It covers misconfiguration scanning, IAM analysis, and privilege escalation testing.

When to Use This Skill


This skill should be invoked when:
  • Performing cloud security assessments
  • Scanning for cloud misconfigurations
  • Auditing IAM policies and permissions
  • Testing storage bucket/blob permissions
  • Identifying privilege escalation paths
  • Checking CIS benchmark compliance
  • Reviewing cloud security posture

Trigger Phrases


  • "audit AWS security"
  • "scan Azure for misconfigurations"
  • "check GCP security"
  • "test cloud IAM"
  • "find S3 bucket issues"
  • "cloud penetration test"
  • "CIS benchmark audit"

Prerequisites


Required Tools


| Tool | Purpose | Installation |
|------|---------|--------------|
| ScoutSuite | Multi-cloud security auditing | `pip install scoutsuite` |
| Prowler | AWS security assessment | `pip install prowler` |
| CloudSploit | Cloud security scanning | `npm install -g cloudsploit` |
| Steampipe | SQL for cloud APIs | steampipe.io download |
| Pacu | AWS exploitation framework | `pip install pacu` |
| enumerate-iam | IAM enumeration | GitHub |
| S3Scanner | S3 bucket scanner | `pip install s3scanner` |

Authentication Setup


AWS


```bash
# Configure AWS CLI
aws configure

# Or use environment variables
export AWS_ACCESS_KEY_ID="AKIA..."
export AWS_SECRET_ACCESS_KEY="..."
export AWS_DEFAULT_REGION="us-east-1"

# Assume role for cross-account
aws sts assume-role --role-arn arn:aws:iam::ACCOUNT:role/ROLE --role-session-name audit
```

Azure


```bash
# Login with CLI
az login

# Service Principal
az login --service-principal -u CLIENT_ID -p SECRET --tenant TENANT_ID

# Set subscription
az account set --subscription "SUBSCRIPTION_ID"
```

GCP


```bash
# Application default credentials
gcloud auth application-default login

# Service account
export GOOGLE_APPLICATION_CREDENTIALS="/path/to/service-account.json"

# Set project
gcloud config set project PROJECT_ID
```

---

Multi-Cloud Security Scanning


ScoutSuite (All Clouds)


```bash
# AWS Assessment
scout aws --profile default --report-dir ./scout-aws

# Azure Assessment
scout azure --cli --report-dir ./scout-azure

# GCP Assessment (an auth mode is required: --user-account or --service-account KEY_FILE)
scout gcp --user-account --project-id PROJECT_ID --report-dir ./scout-gcp
```

Key findings to review in the HTML report:

- Danger (red): critical misconfigurations
- Warning (orange): high-risk issues
- Info: informational findings

Quick Start Workflow


1. **Credentials Setup**
   - Obtain read-only access credentials (for example the AWS-managed `SecurityAudit` and `ViewOnlyAccess` policies, the Azure `Reader` role, or GCP `roles/viewer` plus `roles/iam.securityReviewer`)
   - Verify the minimum required permissions before scanning; a scanner that hits AccessDenied leaves silent gaps in coverage

2. **Initial Scan**
   - Run ScoutSuite for a comprehensive view
   - Run Prowler/CloudSploit for specific checks

3. **Deep Dive**
   - IAM policy analysis
   - Storage permissions review
   - Network security assessment
   - Logging/monitoring verification

4. **Exploitation Testing** (only with written authorization and inside the agreed scope)
   - Privilege escalation attempts
   - Lateral movement testing
   - Data exfiltration simulation

5. **Reporting**
   - Document findings with evidence
   - Prioritize by risk and impact
   - Provide remediation guidance

AWS Security Testing


Prowler Assessment


```bash
# Full assessment
prowler aws

# Specific checks (Prowler v3+ check IDs, space separated; the v2 names
# check11/check12/... are no longer valid)
prowler aws --checks iam_root_mfa_enabled iam_user_mfa_enabled_console_access s3_bucket_public_access

# CIS Benchmark
prowler aws --compliance cis_2.0_aws

# Output formats (space separated in v3; the long flag is --output-formats in v4)
prowler aws -M csv html json

# Restrict by service instead of the v2 "-g groupN" groups
prowler aws --services iam          # IAM
prowler aws --services cloudtrail   # Logging
prowler aws --services cloudwatch   # Monitoring
prowler aws --services ec2 vpc      # Networking
```

IAM Analysis


```bash
# Enumerate IAM permissions (brute-forces List/Describe/Get calls with the supplied key)
python3 enumerate-iam.py --access-key AKIA... --secret-key ...

# Check for privilege escalation using Pacu
pacu
# inside Pacu: import keys from an AWS CLI profile (import_keys), or paste them with set_keys
import_keys default
run iam__enum_permissions
run iam__privesc_scan

# Manual checks
aws iam list-users
aws iam list-roles
aws iam list-policies --scope Local
aws iam get-account-authorization-details
```

S3 Security


```bash
# Scan a list of bucket names for public exposure
s3scanner --bucket-file buckets.txt

# Check bucket policy, ACL and Public Access Block; evaluate all three together,
# because RestrictPublicBuckets / IgnorePublicAcls neutralise a public policy or ACL
# (an account-level Public Access Block, if set, applies on top of the bucket-level one)
aws s3api get-bucket-policy --bucket BUCKET
aws s3api get-bucket-acl --bucket BUCKET
aws s3api get-public-access-block --bucket BUCKET

# Test bucket permissions anonymously
aws s3 ls s3://bucket-name --no-sign-request
# Writing is an intrusive test: only with explicit authorization, and delete the object afterwards
aws s3 cp test.txt s3://bucket-name --no-sign-request
```
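The three `s3api` calls above have to be read together: an `Allow` statement with `Principal: "*"` is only anonymously reachable when no Public Access Block neutralises it, a `Deny` with a wildcard principal (the usual require-TLS rule) is hardening rather than exposure, and a conditioned wildcard statement needs a human look. The following Python is an added example, not part of this skill or of any tool listed above; it classifies constructed responses shaped like the output of `get-bucket-policy`, `get-bucket-acl` and `get-public-access-block` (bucket names, ARNs and the VPC endpoint ID are made up).

```python
"""Classify S3 bucket exposure from policy, ACL grants and the Public Access Block.
Added example; the SAMPLE_BUCKETS responses are constructed, not captured."""

ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"


def _as_list(value):
    """IAM JSON allows a scalar or a list for Action/Principal/Statement; normalise."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)


def principal_is_wildcard(statement):
    """True for Principal "*" or {"AWS": "*"} (or an AWS list containing "*")."""
    principal = statement.get("Principal")
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS"))


def assess_bucket(policy, acl_grants, public_access_block):
    """Return [(severity, detail), ...] for one bucket.

    policy: decoded bucket policy, or None when get-bucket-policy reports none
    acl_grants: the "Grants" list from get-bucket-acl
    public_access_block: the PublicAccessBlockConfiguration dict, or None when
        get-public-access-block fails with NoSuchPublicAccessBlockConfiguration
        (merge in the account-level block from s3control first if one exists)
    """
    pab = public_access_block or {}
    # RestrictPublicBuckets limits a public policy to the bucket owner's account;
    # IgnorePublicAcls makes AllUsers/AuthenticatedUsers ACL grants inert.
    policy_blocked = bool(pab.get("RestrictPublicBuckets"))
    acl_blocked = bool(pab.get("IgnorePublicAcls"))
    findings = []

    for stmt in _as_list((policy or {}).get("Statement")):
        # Deny statements with Principal "*" (e.g. require-TLS) are hardening: skip.
        if stmt.get("Effect") != "Allow" or not principal_is_wildcard(stmt):
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = ",".join(_as_list(stmt.get("Action")))
        if stmt.get("Condition"):
            keys = sorted(k for block in stmt["Condition"].values() for k in block)
            findings.append(("REVIEW", f"{sid}: Principal * on {actions} limited by Condition {keys}"))
        elif policy_blocked:
            findings.append(("INFO", f"{sid}: Principal * on {actions} neutralised by RestrictPublicBuckets"))
        else:
            findings.append(("CRITICAL", f"{sid}: Principal * on {actions} is reachable anonymously"))

    for grant in acl_grants:
        uri = grant.get("Grantee", {}).get("URI")
        if uri not in (ALL_USERS, AUTH_USERS):
            continue
        who = "anonymous users" if uri == ALL_USERS else "any AWS account"
        perm = grant.get("Permission")
        if acl_blocked:
            findings.append(("INFO", f"ACL grants {perm} to {who}, neutralised by IgnorePublicAcls"))
        else:
            findings.append(("CRITICAL", f"ACL grants {perm} to {who}"))

    if not pab:
        findings.append(("HIGH", "no bucket-level Public Access Block configured"))
    return findings


# Constructed sample responses (shape of the s3api output, values made up).
SAMPLE_BUCKETS = {
    "corp-public-assets": {
        "policy": {"Version": "2012-10-17", "Statement": [
            {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
             "Action": "s3:GetObject", "Resource": "arn:aws:s3:::corp-public-assets/*"},
            {"Sid": "DenyInsecure", "Effect": "Deny", "Principal": "*", "Action": "s3:*",
             "Resource": "arn:aws:s3:::corp-public-assets/*",
             "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]},
        "acl": [{"Grantee": {"Type": "CanonicalUser", "ID": "owner"}, "Permission": "FULL_CONTROL"}],
        "pab": None,
    },
    "corp-logs": {
        "policy": None,
        "acl": [{"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"}],
        "pab": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                "BlockPublicPolicy": True, "RestrictPublicBuckets": True},
    },
    "corp-vpc-only": {
        "policy": {"Version": "2012-10-17", "Statement": [
            {"Sid": "VpceOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
             "Action": ["s3:GetObject", "s3:ListBucket"], "Resource": "*",
             "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-0123456789abcdef0"}}}]},
        "acl": [],
        "pab": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                "BlockPublicPolicy": True, "RestrictPublicBuckets": False},
    },
}


def assess_all(buckets):
    """Map bucket name -> findings; this feeds the report's Findings section."""
    return {name: assess_bucket(b["policy"], b["acl"], b["pab"]) for name, b in buckets.items()}


if __name__ == "__main__":
    for name, findings in assess_all(SAMPLE_BUCKETS).items():
        for severity, detail in findings or [("OK", "no public exposure found")]:
            print(f"[{severity}] {name}: {detail}")
```

With real data, feed it the decoded `Policy` string from `get-bucket-policy`, the `Grants` list from `get-bucket-acl`, and the `PublicAccessBlockConfiguration` object (or `None` when the call raises `NoSuchPublicAccessBlockConfiguration`). A `REVIEW` result is not a pass: an `aws:SourceVpce` or `aws:PrincipalOrgID` condition narrows the audience, but a condition on `aws:Referer` or `aws:UserAgent` does not.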

Common AWS Misconfigurations


Critical

- Public S3 buckets with sensitive data
- IAM users with admin access
- Root account used for daily operations
- No MFA on root or privileged accounts
- Hardcoded credentials in Lambda/EC2

High

- Security groups with 0.0.0.0/0 ingress
- RDS instances publicly accessible
- CloudTrail not enabled
- Default VPC in use
- IAM policies with `*` resources

Medium

- S3 buckets without versioning
- EBS volumes unencrypted
- Access keys not rotated
- VPC flow logs disabled
- GuardDuty not enabled

AWS Privilege Escalation


Common Paths

1. `iam:CreatePolicyVersion`
   - Create a new policy version with admin access
   - `aws iam create-policy-version --policy-arn ARN --policy-document file://admin.json --set-as-default`
2. `iam:SetDefaultPolicyVersion`
   - Switch to an overly permissive older version
3. `iam:AttachUserPolicy` / `iam:AttachRolePolicy`
   - Attach AdministratorAccess
4. `iam:CreateAccessKey`
   - Create keys for other users
5. `iam:PassRole` + Lambda/EC2
   - Create a Lambda with a powerful role (also needs `lambda:CreateFunction` and a way to invoke it)
   - Launch EC2 with a powerful instance profile (`ec2:RunInstances`)
6. `sts:AssumeRole`
   - Assume a more privileged role (only works when that role's trust policy admits the current principal)
7. `lambda:UpdateFunctionCode`
   - Modify an existing Lambda to exfiltrate its role credentials
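The paths above are action-level conditions, so they can be checked mechanically against the output of `aws iam get-account-authorization-details`. The Python below is an added example, not part of this skill or of Pacu's `iam__privesc_scan`: it resolves a user's effective policies (inline plus the default version of each attached managed policy), applies IAM's case-insensitive wildcard matching and Deny-overrides-Allow rule, and reports which paths are fully allowed. `SAMPLE_AUTH_DETAILS`, the user, policy and account number in it are all constructed; Resource and Condition restrictions are ignored on purpose, so every hit is a candidate to confirm by hand.

```python
"""Flag the escalation paths above in an IAM authorization-details dump.
Added example; SAMPLE_AUTH_DETAILS is constructed in the shape of
`aws iam get-account-authorization-details` output, with made-up names and ARNs."""
import fnmatch
import json

# Each path is the set of actions that must ALL be allowed. Groupings follow the list
# above; sts:AssumeRole only escalates if a privileged role's trust policy admits the
# principal, so it is reported as a candidate to verify.
PRIVESC_PATHS = {
    "CreatePolicyVersion": ("iam:CreatePolicyVersion",),
    "SetDefaultPolicyVersion": ("iam:SetDefaultPolicyVersion",),
    "AttachUserPolicy": ("iam:AttachUserPolicy",),
    "AttachRolePolicy": ("iam:AttachRolePolicy",),
    "CreateAccessKey": ("iam:CreateAccessKey",),
    "PassRole+Lambda": ("iam:PassRole", "lambda:CreateFunction", "lambda:InvokeFunction"),
    "PassRole+EC2": ("iam:PassRole", "ec2:RunInstances"),
    "AssumeRole": ("sts:AssumeRole",),
    "UpdateFunctionCode": ("lambda:UpdateFunctionCode",),
}


def _as_list(value):
    """IAM JSON allows a scalar or a list for Statement/Action; normalise to a list."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)


def statement_actions(statement):
    """Return (effect, lower-cased action patterns). NotAction grants everything except
    the listed actions, so it is treated as a full wildcard for the candidate check."""
    effect = statement.get("Effect", "Deny")
    if "NotAction" in statement:
        return effect, ["*"]
    return effect, [a.lower() for a in _as_list(statement.get("Action"))]


def action_allowed(action, allow_patterns, deny_patterns):
    """IAM action matching is case-insensitive with '*' and '?' wildcards, and an
    explicit Deny always overrides an Allow."""
    action = action.lower()
    if any(fnmatch.fnmatchcase(action, p.lower()) for p in deny_patterns):
        return False
    return any(fnmatch.fnmatchcase(action, p.lower()) for p in allow_patterns)


def policies_for_user(auth_details, user_name):
    """Effective policy documents for a user: inline policies plus the DEFAULT version of
    every attached managed policy. Non-default versions are deliberately ignored; a
    broader old version is exactly what iam:SetDefaultPolicyVersion would switch back on."""
    managed = {p["Arn"]: p for p in auth_details.get("Policies", [])}
    docs = []
    for user in auth_details.get("UserDetailList", []):
        if user["UserName"] != user_name:
            continue
        for inline in user.get("UserPolicyList", []):
            docs.append((inline["PolicyName"], inline["PolicyDocument"]))
        for attached in user.get("AttachedManagedPolicies", []):
            policy = managed[attached["PolicyArn"]]
            for version in policy["PolicyVersionList"]:
                if version["IsDefaultVersion"]:
                    docs.append((policy["PolicyName"], version["Document"]))
    return docs


def find_privesc_paths(policy_documents):
    """Return {path_name: [actions]} for every path whose actions are all allowed.
    Resource and Condition are ignored on purpose: each hit is a candidate that the
    assessor confirms against the granting statement, not a proven escalation."""
    allow, deny = [], []
    for _name, doc in policy_documents:
        for stmt in _as_list(doc.get("Statement")):
            effect, patterns = statement_actions(stmt)
            (allow if effect == "Allow" else deny).extend(patterns)
    return {path: list(actions) for path, actions in PRIVESC_PATHS.items()
            if all(action_allowed(a, allow, deny) for a in actions)}


# Constructed dump: one user with an inline Deny and one managed policy whose
# non-default v1 granted iam:* (a SetDefaultPolicyVersion target).
SAMPLE_AUTH_DETAILS = {
    "UserDetailList": [{
        "UserName": "deploy-bot",
        "UserPolicyList": [{"PolicyName": "no-code-updates", "PolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [{"Effect": "Deny", "Action": "lambda:UpdateFunctionCode", "Resource": "*"}]}}],
        "AttachedManagedPolicies": [{"PolicyName": "DeployPolicy",
                                     "PolicyArn": "arn:aws:iam::123456789012:policy/DeployPolicy"}],
    }],
    "Policies": [{
        "PolicyName": "DeployPolicy", "Arn": "arn:aws:iam::123456789012:policy/DeployPolicy",
        "PolicyVersionList": [
            {"VersionId": "v2", "IsDefaultVersion": True, "Document": {"Version": "2012-10-17", "Statement": [
                {"Effect": "Allow", "Action": ["lambda:*", "iam:PassRole"], "Resource": "*"},
                {"Effect": "Allow", "Action": "iam:ListRoles", "Resource": "*"}]}},
            {"VersionId": "v1", "IsDefaultVersion": False, "Document": {"Version": "2012-10-17", "Statement": [
                {"Effect": "Allow", "Action": "iam:*", "Resource": "*"}]}},
        ],
    }],
}

if __name__ == "__main__":
    print(json.dumps(find_privesc_paths(policies_for_user(SAMPLE_AUTH_DETAILS, "deploy-bot")), indent=2))
```

For `deploy-bot` the only hit is `PassRole+Lambda`: `lambda:*` covers the Lambda actions, the inline Deny removes `UpdateFunctionCode`, and the `iam:*` in the non-default v1 does not count until someone with `iam:SetDefaultPolicyVersion` switches it back. Roles are handled the same way from `RoleDetailList` (inline `RolePolicyList` plus attached policies); group membership, permission boundaries and SCPs are not modelled here and must be checked separately.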

Detection

- CloudTrail logs (every `iam:*`, `sts:AssumeRole` and `lambda:*` call above is recorded as a management event)
- IAM Access Analyzer
- GuardDuty findings

---

Azure Security Testing


Azure Security Assessment


```bash
# Using ScoutSuite
scout azure --cli

# Azure native tools (Defender for Cloud assessments and alerts)
az security assessment list
az security alert list

# Storage account checks
az storage account list
az storage account show --name ACCOUNT --query allowBlobPublicAccess
```

Azure Misconfigurations


Critical

- Storage accounts with public access
- Key Vault access policies too permissive
- No MFA for privileged accounts
- Service Principal with Owner role
- Exposed management ports (RDP/SSH)

High

- Network Security Groups too open
- Azure AD users with Global Admin
- Defender for Cloud disabled
- Diagnostic logs not configured
- Azure Policy not enforced

Medium

- Managed disk encryption disabled
- Activity log retention < 90 days
- Resource locks not applied
- Azure Bastion not used
- Just-in-time VM access disabled

Azure AD / Entra ID Testing


```bash
# Using Azure CLI
az ad user list
az ad group list
az ad app list
az role assignment list

# Check privileged roles (--all includes assignments at resource-group and resource
# scope, not just the subscription root)
az role assignment list --all --role "Owner"
az role assignment list --all --role "Contributor"
az role assignment list --all --role "User Access Administrator"

# Service Principal enumeration
az ad sp list --all
```

Azure Privilege Escalation


Common Paths

1. Automation Account RunAs
   - Runbooks often have high privileges
   - Check for stored credentials
2. Key Vault Access
   - Extract secrets/certificates
   - Impersonate service principals
3. Managed Identity Abuse
   - Request a token for the VM's identity from the instance metadata endpoint (see Cloud Metadata Services below)
4. Resource Group Permissions
   - Contributor can reset VM passwords
   - Can add new users to VMs
5. Azure AD Roles
   - Global Admin = full control
   - Application Admin can create apps with high privileges
6. Subscription Permissions
   - User Access Administrator can grant roles

---

GCP Security Testing


GCP Assessment


```bash
# Using ScoutSuite (an auth mode is required: --user-account or --service-account KEY_FILE)
scout gcp --user-account --project-id PROJECT_ID

# Using gcloud
gcloud projects get-iam-policy PROJECT_ID
gcloud compute instances list
gcloud storage buckets list
```

GCP Misconfigurations


Critical

- Public Cloud Storage buckets
- Service accounts with Owner role
- Default service account in use (the Compute Engine default service account carries project-wide Editor unless the org policy disables automatic grants)
- Public GCE instances
- No organization policies

High

- Firewall rules too permissive
- Cloud Logging disabled
- No VPC Service Controls
- Compute Engine disks relying only on Google-managed default encryption where customer-managed keys (CMEK) are required
- IAM binding with allUsers (or allAuthenticatedUsers)

Medium

- Uniform bucket-level access not enforced
- Cloud Armor not configured
- Binary Authorization disabled
- Container Registry public
- Access Transparency not enabled

GCP IAM Analysis


```bash
# List IAM bindings
gcloud projects get-iam-policy PROJECT_ID --flatten="bindings[].members" \
  --format="table(bindings.role, bindings.members)"

# Service accounts
gcloud iam service-accounts list
gcloud iam service-accounts get-iam-policy SA_EMAIL

# Check for wide permissions (Cloud Asset Inventory; the Cloud Asset API must be enabled)
gcloud asset search-all-iam-policies --scope=projects/PROJECT_ID \
  --query="resource:*" --flatten="policy.bindings[].members"
```

GCP Privilege Escalation


Common Paths

1. Service Account Key Creation
   - `iam.serviceAccountKeys.create` (granted by `roles/iam.serviceAccountKeyAdmin`)
   - Create a key for a privileged SA
2. Service Account Impersonation
   - `iam.serviceAccounts.getAccessToken` (granted by `roles/iam.serviceAccountTokenCreator`)
   - Act as another service account
3. Compute Instance Access
   - SSH to an instance that runs with a service account
   - Metadata token extraction
4. Cloud Functions
   - `cloudfunctions.functions.update` (plus `iam.serviceAccounts.actAs` on the function's SA)
   - Modify function code to exfiltrate credentials
5. GKE/Kubernetes
   - Access Workload Identity
   - Container escape to the node (node SA token from metadata)
6. IAM Policy Modification
   - `resourcemanager.projects.setIamPolicy`
   - Grant self the Owner role
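Most of the paths above are visible in the project's IAM policy before any exploitation: a binding to one of the roles that carry `getAccessToken`, `serviceAccountKeys.create`, `actAs` or `setIamPolicy` is the precondition. The following Python is an added example, not part of this skill or of any listed tool; it reviews a constructed policy in the shape of `gcloud projects get-iam-policy PROJECT_ID --format=json` (principals, project number and condition are made up) and reports public principals, escalation-capable roles, conditional grants and default service accounts that kept their automatic Editor grant.

```python
"""Review a project IAM policy for the escalation paths above.
Added example; SAMPLE_POLICY is constructed in the shape of
`gcloud projects get-iam-policy PROJECT_ID --format=json`, with made-up principals."""
from collections import Counter

PUBLIC_MEMBERS = {"allUsers", "allAuthenticatedUsers"}

# Predefined roles granting the permissions named in the paths above. This mapping is the
# example's own summary; confirm a role's permission list with `gcloud iam roles describe`.
ESCALATION_ROLES = {
    "roles/owner": "full control, including resourcemanager.projects.setIamPolicy",
    "roles/editor": "broad write access to most services",
    "roles/iam.serviceAccountTokenCreator": "iam.serviceAccounts.getAccessToken (impersonation)",
    "roles/iam.serviceAccountKeyAdmin": "iam.serviceAccountKeys.create (mint SA keys)",
    "roles/iam.serviceAccountUser": "iam.serviceAccounts.actAs (attach SAs to new compute)",
    "roles/resourcemanager.projectIamAdmin": "resourcemanager.projects.setIamPolicy (grant self Owner)",
}


def classify_member(member):
    """Split 'user:alice@example.com' into (type, name) and flag the Compute Engine /
    App Engine default service accounts, which receive project-wide Editor unless the
    org policy constraint iam.automaticIamGrantsForDefaultServiceAccounts is enforced."""
    kind, _, name = member.partition(":")
    is_default = kind == "serviceAccount" and (
        name.endswith("-compute@developer.gserviceaccount.com")
        or name.endswith("@appspot.gserviceaccount.com"))
    return kind, name, is_default


def review_policy(policy):
    """Return [(severity, member, role, note), ...] in binding order.
    Conditional bindings are reported as REVIEW: a condition (time window, resource
    tag, ...) may narrow the grant, but only reading it tells you by how much."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding["role"]
        condition = binding.get("condition")
        for member in binding.get("members", []):
            if member in PUBLIC_MEMBERS:
                findings.append(("CRITICAL", member, role, "public principal bound at project scope"))
                continue
            _kind, _name, is_default = classify_member(member)
            if role not in ESCALATION_ROLES:
                continue
            if condition:
                label = condition.get("title") or condition.get("expression", "")
                findings.append(("REVIEW", member, role, f"conditional grant: {label}"))
            elif role == "roles/owner":
                findings.append(("CRITICAL", member, role, ESCALATION_ROLES[role]))
            elif is_default:
                findings.append(("HIGH", member, role, "default service account kept project-wide " + role))
            else:
                findings.append(("HIGH", member, role, ESCALATION_ROLES[role]))
    return findings


def severity_counts(findings):
    """Counts per severity, for the report's executive summary."""
    return dict(Counter(severity for severity, *_ in findings))


# Constructed policy: values are made up, shape matches gcloud's JSON output.
SAMPLE_POLICY = {
    "version": 3,
    "bindings": [
        {"role": "roles/owner", "members": [
            "user:alice@example.com",
            "serviceAccount:terraform@proj-demo.iam.gserviceaccount.com"]},
        {"role": "roles/editor", "members": [
            "serviceAccount:123456789012-compute@developer.gserviceaccount.com"]},
        {"role": "roles/iam.serviceAccountTokenCreator", "members": ["group:data-eng@example.com"]},
        {"role": "roles/storage.objectViewer", "members": ["allUsers"]},
        {"role": "roles/resourcemanager.projectIamAdmin", "members": ["user:bob@example.com"],
         "condition": {"title": "break-glass",
                       "expression": "request.time < timestamp('2025-01-01T00:00:00Z')"}},
        {"role": "roles/viewer", "members": ["group:everyone@example.com"]},
    ],
}

if __name__ == "__main__":
    findings = review_policy(SAMPLE_POLICY)
    for severity, member, role, note in findings:
        print(f"[{severity}] {member} -> {role}: {note}")
    print(severity_counts(findings))
```

Project-level bindings are only part of the picture: the same roles granted on an individual service account (`gcloud iam service-accounts get-iam-policy`), a folder or the organization escalate just as well, which is why the `search-all-iam-policies` query above is worth running with an organization scope when permitted.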

Metadata Exploitation


Steampipe Queries


Installation


```bash
# Install Steampipe
brew install turbot/tap/steampipe

# Install plugins
steampipe plugin install aws
steampipe plugin install azure
steampipe plugin install gcp
```

Security Queries


```sql
-- AWS: public S3 buckets (bucket_policy_is_public comes from GetBucketPolicyStatus;
-- check the Public Access Block separately, it can neutralise a public policy)
SELECT name, acl, policy
FROM aws_s3_bucket
WHERE bucket_policy_is_public = true;

-- AWS: ingress security group rules open to the world
-- (the rule table has no ip_permissions column; that lives on aws_vpc_security_group)
SELECT group_id, group_name, ip_protocol, from_port, to_port
FROM aws_vpc_security_group_rule
WHERE cidr_ipv4 = '0.0.0.0/0'
  AND NOT is_egress;

-- AWS: IAM users without MFA
SELECT name, mfa_enabled
FROM aws_iam_user
WHERE mfa_enabled = false;

-- Azure: storage accounts that allow public blob access
SELECT name, allow_blob_public_access
FROM azure_storage_account
WHERE allow_blob_public_access = true;

-- GCP: service accounts bound to roles/owner
-- (bindings is a JSON array column on gcp_iam_policy, expanded with jsonb_array_elements)
SELECT DISTINCT member
FROM gcp_iam_policy,
     jsonb_array_elements(bindings) AS b,
     jsonb_array_elements_text(b -> 'members') AS member
WHERE b ->> 'role' = 'roles/owner'
  AND member LIKE 'serviceAccount:%';
```

CIS Benchmark Compliance


AWS CIS Checks


```bash
# Using Prowler for CIS
prowler aws --compliance cis_2.0_aws
```

Key CIS controls (sections of the CIS AWS Foundations Benchmark v2.0):

- 1.x - Identity and Access Management
- 2.x - Storage
- 3.x - Logging
- 4.x - Monitoring
- 5.x - Networking

Compliance Frameworks


| Framework | AWS | Azure | GCP |
|-----------|-----|-------|-----|
| CIS Benchmark | v2.0 | v2.0 | v2.0 |
| SOC 2 | Prowler | Defender | SCC |
| PCI DSS | Config Rules | Policy | SCC |
| HIPAA | Config Rules | Policy | SCC |
| GDPR | Artifact | Compliance | SCC |

(SCC: Security Command Center; Artifact: AWS Artifact, the compliance-report portal.)

Cloud Metadata Services


SSRF to Cloud Credentials


AWS IMDS

- `http://169.254.169.254/latest/meta-data/iam/security-credentials/` lists the instance role, and the same path with the role name appended returns its temporary keys
- IMDSv1 answers a plain GET; IMDSv2 first requires a session token obtained with a PUT carrying the `X-aws-ec2-metadata-token-ttl-seconds` header, which a GET-only SSRF cannot issue, so enforcing IMDSv2 (`HttpTokens=required`) is the standard mitigation

Azure IMDS (requires header: `Metadata: true`)

- `http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=https://management.azure.com/` returns a managed-identity token; the header requirement defeats SSRF primitives that cannot set request headers

GCP (requires header: `Metadata-Flavor: Google`)

- `http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token` returns the instance service account's access token; same header caveat as Azure

Bypass techniques for SSRF filters (every form below denotes 169.254.169.254):

- `http://[::ffff:169.254.169.254]` (IPv4-mapped IPv6 literal)
- `http://169.254.169.254.nip.io` (DNS name resolving to the address)
- `http://0xA9FEA9FE` (hex encoding)
- `http://2852039166` (decimal encoding)
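A blocklist that compares the host string against `169.254.169.254` misses every spelling above, which is why filters are bypassed. The defensive counterpart is to canonicalise the host before comparing; the Python below is an added example, not part of this skill, that implements `inet_aton()`-style parsing (decimal, hex, octal and short forms), unwraps IPv4-mapped IPv6 literals and catches hostnames that embed the address. It is pure parsing with no DNS, so a hostname that merely resolves to the link-local range still needs resolve-then-check; the inclusion of 168.63.129.16 (the Azure wireserver) and the `metadata` aliases is this example's own choice.

```python
"""Canonicalise URL hosts so every spelling of 169.254.169.254 above hits one blocklist
entry. Added example; pure parsing, no DNS or network, which also shows the case it
cannot cover (a hostname that happens to resolve to the metadata address)."""
import ipaddress
import re
from urllib.parse import urlsplit

# Metadata addresses reachable from inside a VM. 168.63.129.16 is the Azure wireserver,
# a second credential-bearing address on Azure hosts; AWS, Azure IMDS and GCP all sit in
# 169.254.0.0/16.
METADATA_NETWORKS = [ipaddress.ip_network("169.254.0.0/16"), ipaddress.ip_network("168.63.129.16/32")]
METADATA_HOSTNAMES = {"metadata.google.internal", "metadata"}  # GCP aliases for the link-local address


def _c_int(token):
    """One inet_aton() component: 0x prefix is hex, a leading 0 is octal, else decimal."""
    if token.startswith("0x"):
        return int(token[2:], 16)
    if len(token) > 1 and token.startswith("0"):
        return int(token, 8)
    return int(token, 10)


def inet_aton(host):
    """Mimic BSD inet_aton(), which browsers and libcurl-style clients accept: 'a.b.c.d',
    'a.b.c' (c fills 16 bits), 'a.b' (b fills 24 bits) or 'a' (one 32-bit number), each
    component decimal, hex or octal. Returns an IPv4Address or None."""
    if not re.fullmatch(r"[0-9a-fx.]+", host):
        return None
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        values = [_c_int(p) for p in parts]
    except ValueError:
        return None
    *head, last = values
    tail_bits = 8 * (4 - len(head))
    if any(not 0 <= v <= 255 for v in head) or not 0 <= last < (1 << tail_bits):
        return None
    number = 0
    for v in head:
        number = (number << 8) | v
    return ipaddress.IPv4Address((number << tail_bits) | last)


def canonical_ipv4(host):
    """IPv4Address that a host literal denotes, or None for a genuine hostname.
    Covers dotted quads, inet_aton integer forms, IPv4-mapped IPv6 literals
    ([::ffff:169.254.169.254], [::ffff:a9fe:a9fe]) and hostnames that embed an address
    (169.254.169.254.nip.io); the last is a heuristic, not a substitute for resolving."""
    host = host.strip("[]").lower()
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        addr = None
    if isinstance(addr, ipaddress.IPv4Address):
        return addr
    if isinstance(addr, ipaddress.IPv6Address):
        return addr.ipv4_mapped  # None for an ordinary IPv6 address
    parsed = inet_aton(host)
    if parsed is not None:
        return parsed
    embedded = re.search(r"(?:\d{1,3}[.-]){3}\d{1,3}", host)
    if embedded:
        try:
            return ipaddress.IPv4Address(embedded.group().replace("-", "."))
        except ValueError:
            return None
    return None


def is_metadata_target(url):
    """True when the URL's host denotes a cloud metadata address in any spelling."""
    host = urlsplit(url).hostname or ""
    if host in METADATA_HOSTNAMES:
        return True
    ip = canonical_ipv4(host)
    return ip is not None and any(ip in net for net in METADATA_NETWORKS)


if __name__ == "__main__":
    for u in ["http://[::ffff:169.254.169.254]/latest/meta-data/", "http://169.254.169.254.nip.io/",
              "http://0xA9FEA9FE/", "http://2852039166/", "http://169.254.43518/",
              "http://metadata.google.internal/computeMetadata/v1/", "https://example.com/169.254.169.254"]:
        print(f"{is_metadata_target(u)!s:5} {u}")
```

Even with this normalisation, the robust server-side defence is to resolve the hostname, check every returned address against the blocked ranges, and connect to that exact address (so a DNS-rebinding answer cannot swap it afterwards); on the instance side, IMDSv2 enforcement and the Azure/GCP header requirements remove the easy GET-based SSRF path regardless of how the URL is spelled.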

---

Reporting Template


```markdown
# Cloud Security Assessment Report

## Executive Summary

- Cloud provider(s) assessed
- Assessment period
- Critical findings count
- Overall risk rating

## Scope

- Accounts/subscriptions/projects
- Services in scope
- Testing methodology

## Findings

### [CRITICAL] Finding Title

Cloud: AWS/Azure/GCP
Service: S3/IAM/Storage
CIS Control: 2.1.1

**Description**
Detailed description of the misconfiguration.

**Evidence**
- Screenshots
- CLI output
- Policy documents

**Impact**
- Data exposure risk
- Compliance violation
- Attack scenarios

**Remediation**
1. Immediate steps
2. Long-term fixes
3. Monitoring recommendations

**References**
- CIS Benchmark
- Cloud documentation
```

---

Bundled Resources


scripts/


- `aws_enum.py` - AWS enumeration automation
- `azure_enum.py` - Azure enumeration automation
- `gcp_enum.py` - GCP enumeration automation
- `cloud_privesc.py` - Privilege escalation checker
- `bucket_scanner.py` - Multi-cloud storage scanner

references/


- `aws_security.md` - AWS security best practices
- `azure_security.md` - Azure security best practices
- `gcp_security.md` - GCP security best practices
- `cis_controls.md` - CIS benchmark mappings

checklists/


- `aws_audit.md` - AWS security audit checklist
- `azure_audit.md` - Azure security audit checklist
- `gcp_audit.md` - GCP security audit checklist