Networking Security How-To Guides
Find AWS API Gateways Without Authorizers
If no authorizer is defined, anyone can use the service.
Find AWS API Gateways Without SSL Client Authentication
Without SSL client authentication, man-in-the-middle attacks and other similar risks are possible.
Find AWS API Gateways Without WAF ACLs
Access control lists (ACLs) reduce the attack surface and minimize the risk of service abuse for internet-reachable services.
Find AWS EC2 Network ACLs Allowing All IPv4 Inbound Traffic
Even with a perimeter firewall, open security groups allow any user or malware with VPC access to scan for well-known and sensitive ports and gain access to instances.
Find AWS EC2 Network ACLs Allowing All IPv6 Inbound Traffic
Even with a perimeter firewall, open security groups allow any user or malware with VPC access to scan for well-known and sensitive ports and gain access to instances.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default Cassandra Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default FTP Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default Kafka Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default Kibana Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default Memcached Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default MongoDB Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default MySQL Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default Oracle Database Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default PostgreSQL Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default RDP Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default Redis Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default SQL Server Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default SSH Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic on Default Telnet Ports
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All Inbound Traffic
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All IPv4 Inbound Traffic
If security groups are not properly configured, the attack surface is increased.
Find AWS EC2 Security Groups Allowing All IPv6 Inbound Traffic
If security groups are not properly configured, the attack surface is increased.
Find AWS VPCs with Default Security Groups Allowing All Inbound Traffic
Even with a perimeter firewall, open security groups allow any user or malware with VPC access to scan for well-known and sensitive ports and gain access to instances.
Find AWS VPCs with Overly Permissive Peering Routing Tables
Being highly selective in peering routing tables is a very effective way of minimizing the impact of a breach, as resources outside of these routes are inaccessible to the peered VPC.
Find Overly Permissive AWS EC2 Security Groups
If security groups are not properly configured, the attack surface is increased.
Find Public AWS EC2 Instances with Instance Profiles
Exposing an EC2 instance directly to the internet increases the attack surface and therefore the risk of compromise.
Find Public AWS EC2 Instances
Exposing an EC2 instance directly to the internet increases the attack surface and therefore the risk of compromise.