Pentesting cloud notes

docs/az-500-exams.md

@@ -13,31 +13,25 @@ tags:
 
 # My 100 selected questions to warm up for the AZ-500 certificate
 
-Cheatsheets: **[Azure-CLI](azure-cli.md)**  **|** **[Azure PowerShell](azure-powershell.md)**     |   Certification accomplished at: **October 30th,  2023**.
-
----
-
 These questions form the hard core of my question bank. They originate from various sources, including Udemy, Microsoft's free practice assessments, and YouTube videos. Successfully completing these questions does not guarantee approval for the AZ-500 exam, but it does provide a good indicator of where you stand up.
 
 
-??? abstract "Source for these practice tests"
-	- [Free practice assessment from Microsoft](https://learn.microsoft.com/en-us/credentials/certifications/exams/az-500/) 
-	- [Udemy courses](https://www.udemy.com/courses/search/?src=ukw&q=az-500)  
-	- [Video](https://yewtu.be/watch?v=Ct9CY0RGdf8) 
-
-Go to my notes to get a taste of the contents:  [AZ-500: Notes to get through the Azure security engineer certificate](az-500-preparation.md).  
+??? abstract "Sources of this notes"
+    - [The Microsoft e-learn platform](https://learn.microsoft.com/en-us/credentials/certifications/exams/az-500/).
+    - Book:  ["Microsoft Certified - MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500](https://www.amazon.es/Microsoft-Certified-Associate-Security-ngineer/dp/1119870372/). 
+    - Udemy course:  [AZ-500 Microsoft Azure Security Technologies Exam Prep](https://www.udemy.com/course/az500-azure/).
+    - Udemy course: [Azure Security: AZ-500 (updated July 2023)](https://www.udemy.com/course/azure-security-associate-az-500/)
 
 ??? note "Summary: AZ-500 Microsoft Azure Security Engineer Certification"
-	- [About the certificate](az-500-preparation.md)
-	- [I. Manage Identity and Access](az-500-ad-1-identity-and-access.md)
-	- [II. Platform protection](az-500-ad-2-platform-protection.md)
-	- [III. Data and applications](az-500-ad-3-data-and-applications.md)
-	- [IV. Security operations](az-500-ad-4-security-operations.md)
-	- [AZ-500 and more: keep learning](az-500-keep-learning.md)
+	- [About the certificate](cloud/azure/az-500-preparation.md)
+	- [I. Manage Identity and Access](cloud/azure/az-500-ad-1-identity-and-access.md)
+	- [II. Platform protection](cloud/azure/az-500-ad-2-platform-protection.md)
+	- [III. Data and applications](cloud/azure/az-500-ad-3-data-and-applications.md)
+	- [IV. Security operations](cloud/azure/az-500-ad-4-security-operations.md)
+	- [AZ-500 and more: keep learning](cloud/azure/az-500-keep-learning.md)
 
-Cheatsheets: **[Azure-CLI](azure-cli.md)**  **|** **[Azure PowerShell](azure-powershell.md)**  
 
-[100 questions you should pass for the AZ-500 certificate](az-500-exams.md)
+Cheatsheets: **[Azure-CLI](azure-cli.md)**  **|** **[Azure PowerShell](azure-powershell.md)**  
 
 ---
 #####  Question  1

docs/az-500-preparation.md

@@ -13,34 +13,34 @@ tags:
 
 # AZ-500 Azure Security Engineer: Notes on the certification
 
-??? abstract "Sources of this notes:"
+??? abstract "Sources of this notes"
     - [The Microsoft e-learn platform](https://learn.microsoft.com/en-us/credentials/certifications/exams/az-500/).
     - Book:  ["Microsoft Certified - MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500](https://www.amazon.es/Microsoft-Certified-Associate-Security-ngineer/dp/1119870372/). 
     - Udemy course:  [AZ-500 Microsoft Azure Security Technologies Exam Prep](https://www.udemy.com/course/az500-azure/).
     - Udemy course: [Azure Security: AZ-500 (updated July 2023)](https://www.udemy.com/course/azure-security-associate-az-500/)
 
 ??? note "Summary: AZ-500 Microsoft Azure Security Engineer Certification"
-	- [About the certificate](az-500-preparation.md)
-	- [I. Manage Identity and Access](az-500-ad-1-identity-and-access.md)
-	- [II. Platform protection](az-500-ad-2-platform-protection.md)
-	- [III. Data and applications](az-500-ad-3-data-and-applications.md)
-	- [IV. Security operations](az-500-ad-4-security-operations.md)
-	- [AZ-500 and more: keep learning](az-500-keep-learning.md)
+	- [About the certificate](cloud/azure/az-500-preparation.md)
+	- [I. Manage Identity and Access](cloud/azure/az-500-ad-1-identity-and-access.md)
+	- [II. Platform protection](cloud/azure/az-500-ad-2-platform-protection.md)
+	- [III. Data and applications](cloud/azure/az-500-ad-3-data-and-applications.md)
+	- [IV. Security operations](cloud/azure/az-500-ad-4-security-operations.md)
+	- [AZ-500 and more: keep learning](cloud/azure/az-500-keep-learning.md)
+
 
 Cheatsheets: **[Azure-CLI](azure-cli.md)**  **|** **[Azure PowerShell](azure-powershell.md)**  
 
-[100 questions you should pass for the AZ-500 certificate](az-500-exams.md)
+[100 questions you should pass for the AZ-500 certificate](cloud/azure/az-500-exams.md)
 
 --- 
 
-
 These are some of the requirements for facing the az-500 highlighted by some experts:
 
 - Have previously taken the Azure Administrator: AZ-103/104 course.
 - A minimum of 1 year experience with Azure.
 - Understand concepts of virtual machines, resource groups and Azure AD.
 
-Since I only had two vouchers for azure certifications in 2023 and I had already spent one on the [AZ-900](az-900-preparation.md), and I  focused myself on the AZ-500, but first I completed the AZ-104 trainings. [These are my notes for this AZ-104 not-certificated learning](az-104-preparation.md).
+Since I only had two vouchers for azure certifications in 2023 and I had already spent one on the [AZ-900](cloud/azure/az-900-preparation.md), and I  focused myself on the AZ-500, but first I completed the AZ-104 trainings. [These are my notes for this AZ-104 not-certificated learning](cloud/azure/az-104-preparation.md).
 
 
 ## Differences between the AZ-500 and the SC-900 certification

docs/burpsuite.md

@@ -33,7 +33,6 @@ Download from:  https://www.jruby.org/download
 
 ## Extensions that make your life better
 
-
 ### Autorize 
 
 Autorize is an extension aimed at helping the penetration tester to detect authorization vulnerabilities, one of the more time-consuming tasks in a web application penetration test.

docs/cloud/aws/aws-essentials.md

@@ -0,0 +1,55 @@
+
+
+# Amazon Web Services (AWS) Essentials
+
+
+## AWS Compute
+
+### Elastic Computer Cloud (EC2)
+
+An EC2 instance is a Virtual Server running on AWS. You deploy your EC2 instances into a virtual private cloud or VPC. You can deploy them into public or private subnets.
+
+Public subnets have a public IP address and can be accessed from the Internet. Private subnets are isolated. They can only communicate with each other within the VPC (unless you install a gateway).
+
+
+## AWS Storage
+
+### Amazon Elastic Block Store (EBS)
+
+Block Storage Device, it's a virtual hard drive in the cloud. The OS reads/writes at the block level. Disks can be internal, or Network attached. The OS sees volumes that can be partitioned and formatted. Use cases:
+
+- Use by Amazon EC2 instances.
+- Relational and non-relational databases.
+- Enterprises applications.
+- Containerized applications.
+- Big data analytics.
+- File systems.
+
+### Amazon Elastic File System (EFS)
+
+It uses File Storage, in which a filesystem is mounted to the OS using a network share. A filesystem can be shared by many users. Use cases:
+
+- Corporate home directories.
+- Corporate shared directories.
+- Big data analytics.
+- Lift & Shift enterprise applications.
+- Web serving.
+- Content management.
+
+### Amazon Simple Storage Services (S3)
+
+It uses Object Storage Containers. They are usually on-premises. There is no hierarchy of objects in the container.  It uses REST API. Use cases:
+
+- Websites.
+- Mobile applications.
+- Backup and archiving.
+- IoT devices.
+- Big data analytics.
+
+As benefits, it has very low-cost object storage, a high durability and multiple storage classes. 
+
+In S3 you have  buckets. A bucket is a container into which you put your objects. You can have those objects inside your bucket public or private to the Internet.
+
+
+
+

docs/cloud/aws/pentesting-aws.md

@@ -0,0 +1,25 @@
+---
+title: Pentesting Amazon Web Services (AWS)
+author: amandaguglieri
+draft: false
+TableOfContents: true
+tags:
+  - cloud
+  - Azure
+  - pentesting cloud
+---
+
+# Pentesting Amazon Web Services (AWS)
+
+
+
+## Amazon S3
+
+S3 is an object storage service in the AWS cloud service. With S3, you can store objects in buckets. Files stored in an Amazon S3 bucket are called S3 objects.
+
+[awscli](../../awscli.md) is a tool that lists the S3 objects.
+
+## Enumerate instances
+
+[insp3ctor](https://github.com/brianwarehime/inSp3ctor): the AWS bucket finder.
+

docs/az-104-preparation.md → docs/cloud/azure/az-104-preparation.md

@@ -13,7 +13,7 @@ tags:
 
 # AZ-104 Microsoft Azure Administrator certificate
 
-!!! abstract "Sources of this notes:"
+!!! abstract "Sources of this notes"
     - [The Microsoft e-learn platform](https://learn.microsoft.com/en-us/credentials/certifications/exams/az-104/).
     - Udemy course:  [Prove your AZ-104 Microsoft Azure Administrator skills to the world. Updated.](https://eylearning.udemy.com/course/70533-azure/).
 
@@ -44,18 +44,18 @@ There's approximate parity between the portal, the Azure CLI, and Azure PowerShe
 
 Azure PowerShell is a module that you add to Windows PowerShell or PowerShell Core to enable you to connect to your Azure subscription and manage resources. Azure PowerShell requires PowerShell to function. PowerShell provides services such as the shell window and command parsing. Azure PowerShell adds the Azure-specific commands.
 
-[See cheat sheet for Azure Powershell](azure-powershell.md). 
+[See cheat sheet for Azure Powershell](../../azure-powershell.md). 
 
 
 ### Azure CLI 
 
 Azure CLI is a command-line program to connect to Azure and execute administrative commands on Azure resources. The Azure CLI is available two ways: inside a browser via the Azure Cloud Shell, or with a local installation on Linux, Mac, or Windows. It allows administrators and developers to execute their commands through a terminal, command-line prompt, or script instead of a web browser.
 
-[See cheat sheet for Azure CLI](azure-cli.md). 
+[See cheat sheet for Azure CLI](../../azure-cli.md). 
 
 ### Azure Resource Manager (ARM)
 
-![Azure Resource Manager](img/az-104_1.png)
+![Azure Resource Manager](../../img/az-104_1.png)
 
 
 Azure Resource Manager provides several benefits:
@@ -97,7 +97,7 @@ To move resources, select the resource group containing those resources, and the
 
 **Deleting resources**:
 
-See how to remove a resource group using [Azure powershell](azure-powershell.md).
+See how to remove a resource group using [Azure powershell](../../azure-powershell.md).
 
 **Determine resource limits**: 
 

docs/az-500-ad-1-identity-and-access.md → docs/cloud/azure/az-500-ad-1-identity-and-access.md

@@ -13,7 +13,7 @@ tags:
 
 # I. Manage Identity and Access
 
-??? abstract "Sources of this notes:"
+??? abstract "Sources of this notes"
     - [The Microsoft e-learn platform](https://learn.microsoft.com/en-us/credentials/certifications/exams/az-500/).
     - Book:  ["Microsoft Certified - MCA Microsoft Certified Associate Azure Security Engineer Study Guide: Exam AZ-500](https://www.amazon.es/Microsoft-Certified-Associate-Security-ngineer/dp/1119870372/). 
     - Udemy course:  [AZ-500 Microsoft Azure Security Technologies Exam Prep](https://www.udemy.com/course/az500-azure/).
@@ -27,12 +27,14 @@ tags:
 	- [IV. Security operations](az-500-ad-4-security-operations.md)
 	- [AZ-500 and more: keep learning](az-500-keep-learning.md)
 
-Cheatsheets: **[Azure-CLI](azure-cli.md)**  **|** **[Azure PowerShell](azure-powershell.md)**  
 
-[100 questions you should pass for the AZ-500 certificate](az-500-exams.md)
+Cheatsheets: **[Azure-CLI](../../azure-cli.md)**  **|** **[Azure PowerShell](../../azure-powershell.md)**  
+
+[100 questions you should pass for the AZ-500 certificate](az-500-exams.md) 
 
 --- 
 
+
 **Azure Active Directory** (Azure AD) is a cloud-based identity and access management service.
 ## 1. Microsoft Entra ID 
 
@@ -240,7 +242,7 @@ When you create an Azure AD DS managed domain, you define a unique namespace. Th
 
 Azure AD DS replicates identity information from Azure AD, so it works with Azure AD tenants that are cloud-only or synchronized with an on-premises AD DS environment. Azure AD DS performs a one-way synchronization from Azure AD to provide access to a central set of users, groups, and credentials. You can create resources directly in the managed domain (Azure ADDS), but they aren't synchronized back to Azure AD.
 
-![Azure ADDS](img/az-500_1.png)
+![Azure ADDS](../../img/az-500_1.png)
 
 
 
@@ -358,7 +360,7 @@ Azure AD hands off the authentication process to a separate trusted authenticati
 
 So, which one is more appropiate for your organization? See this decision tree:
 
-![Decision tree](img/az-500_4.png)
+![Decision tree](../../img/az-500_4.png)
 
 
 ### 2.4. Azure AD Password Hash Synchronization (PHS)
@@ -369,7 +371,7 @@ So, which one is more appropiate for your organization? See this decision tree:
 
 >It is important to understand that this is **same sign-in**, not single sign-on. The user still authenticates against two separate directory services, albeit with the same user name and password. This solution provides a simple alternative to an AD FS implementation.
 
-![Azure AD PHS](img/az-500_2.png)
+![Azure AD PHS](../../img/az-500_2.png)
 
 ### 2.5. Azure AD Pass-through Authentication (PTA)
 
@@ -386,7 +388,7 @@ So, which one is more appropiate for your organization? See this decision tree:
 - Installing multiple agents provides high availability of sign-in requests.
 - PTA protects your on-premises accounts against brute force password attacks in the cloud.
 
-![Azure AD PTA](img/az-500_3.png)
+![Azure AD PTA](../../img/az-500_3.png)
 
 
 ### 2.6. Azure AD Federation
@@ -410,7 +412,7 @@ Password writeback provides:
 - **Supports password writeback when an admin resets them from the Azure portal**. Whenever an admin resets a user’s password in the Azure portal, if that user is federated or password hash synchronized, the password is written back to on-premises. This functionality is currently not supported in the Office admin portal.
 - **Doesn’t require any inbound firewall rules**. Password writeback uses an Azure Service Bus relay as an underlying communication channel. All communication is outbound over port 443.
 
-![Password writeback](img/az-500_5.png)
+![Password writeback](../../img/az-500_5.png)
 
 
 
@@ -440,7 +442,7 @@ The insight you get for a detected risk detection is tied to your Azure AD subsc
 - **Sign-in risk policy** - Identity Protection analyzes signals from each sign-in, both real-time and offline, and calculates a risk score based on the probability that the sign-in wasn't performed by the user. Administrators can decide based on this risk score signal to enforce organizational requirements. Administrators can choose to block access, allow access, or allow access but require multi-factor authentication. Administrators can also choose to create a custom Conditional Access policy, including sign-in risk as an assignment condition.
 - **User risk policy** - Identifies and responds to user accounts that may have compromised credentials. Can prompt the user to create a new password.
 
-![Azure AD identity protection: default policies](img/az-500_6.png)
+![Azure AD identity protection: default policies](../../img/az-500_6.png)
 
 
 When you enable a policy user or sign-in risk policy, you can also choose the threshold for risk level - _**low and above**_, _medium and above_, or _**high**_. This flexibility lets you decide how aggressive you want to be in enforcing any controls for suspicious sign-in events.
@@ -528,7 +530,7 @@ Conditional Access is the tool used by Azure Active Directory to bring signals t
 
 Conditional access comes with six conditions: user/group, cloud application, device state, location (IP range), client application, and sign-in risk.
 
-![Azure AD Conditional access](img/az-500_7.png)
+![Azure AD Conditional access](../../img/az-500_7.png)
 
 With access controls, you can either Block Access altogether or Grant Access with more requirements: 
 
@@ -681,7 +683,7 @@ Apply policies or access controls to any service
 
 **Configure Azure policies** - Azure Policy is a service you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources so that those resources stay compliant with your corporate standards and service level agreements.
 
-![Azure policies](img/az-500_8.png)
+![Azure policies](../../img/az-500_8.png)
 
 The **first pillar** is around **real-time enforcement and compliance assessment**.