44CON2022 has ended
Friday, September 16 • 10:30am - 12:20pm
Paco Hope - Build Your Own AWS Security Scanner

In this session you’ll learn how to use AWS APIs not just to discover infrastructure, but to discover insecure or badly configured AWS infrastructure. Starting nearly from scratch, you’ll build a shell-script or Python-based tool that can invoke AWS APIs, interrogate and understand the responses, and use that to guide your exploration of AWS infrastructure.

Requirements:

In order to get value from this workshop, you need to bring the following. There will not be time to open an AWS account, install the AWS CLI, and set up your environment during the workshop. You need to do that in advance. You can use a personal AWS account: the techniques in this workshop can be executed with literally 0 cost. Creating (empty) buckets, security groups, NACL rules and IAM policies are all free actions, as are the discovery APIs that we will call.

Before the workshop you need:

Access to an AWS account
  You need some kind of identity:
    create an IAM user and give it some privileges
    use an existing identity and use it at the command line
A laptop where you can write code and run commands at the command line
  install a recent version of bash (any Linux will do; Windows Subsystem for Linux works fine) or Python 3.8 or later
  install the AWS CLI
  install jq (for parsing JSON)
  if you are using Python, you need to install Boto3 (pip install boto3)
A code editor that you know how to use. We use VSCodium, but it’s up to you.

If you can run the following command and get sensible output, you have met the prerequisites:

aws sts get-caller-identity

Sensible output looks like:

{
    "UserId": "AIDAEXAMPLEEXAMPLE",
    "Account": "111122223333",
    "Arn": "arn:aws:iam::111122223333:user/paco"
}

Speakers
Paco Hope

Paco Hope has 20 years' experience securing software and systems. Key competencies in cloud security, application security, and infrastructure security. Today Paco consults with the biggest enterprises to secure their cloud workloads on AWS. He helps customers with data encryption at...


Friday September 16, 2022 10:30am - 12:20pm BST
*Workshop 1*
