From bda7100a77d2bae98995d31ea3e2af412e0543b1 Mon Sep 17 00:00:00 2001
From: Swissky <12152583+swisskyrepo@users.noreply.github.com>
Date: Fri, 21 Feb 2020 10:47:16 +0100
Subject: [PATCH] Fix Cloud references
---
...{Cloud - AWS.md => Cloud - AWS Pentest.md} | 16 +++++++-------
...ud - Azure.md => Cloud - Azure Pentest.md} | 22 +++++++++----------
2 files changed, 19 insertions(+), 19 deletions(-)
rename Methodology and Resources/{Cloud - AWS.md => Cloud - AWS Pentest.md} (92%)
rename Methodology and Resources/{Cloud - Azure.md => Cloud - Azure Pentest.md} (90%)
diff --git a/Methodology and Resources/Cloud - AWS.md b/Methodology and Resources/Cloud - AWS Pentest.md
similarity index 92%
rename from Methodology and Resources/Cloud - AWS.md
rename to Methodology and Resources/Cloud - AWS Pentest.md
index ad576d5..33d4c7e 100644
--- a/Methodology and Resources/Cloud - AWS.md
+++ b/Methodology and Resources/Cloud - AWS Pentest.md
@@ -351,11 +351,11 @@ https://github.com/DenizParlak/Zeus
## References
-* https://www.gracefulsecurity.com/an-introduction-to-penetration-testing-aws/
-* https://www.cyberark.com/threat-research-blog/cloud-shadow-admin-threat-10-permissions-protect/
-* https://github.com/toniblyx/my-arsenal-of-aws-security-tools
-* https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/
-* AWS CLI Cheatsheet https://gist.github.com/apolloclark/b3f60c1f68aa972d324b
-* https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
-* https://www.youtube.com/watch?v=XfetW1Vqybw&feature=youtu.be&list=PLBID4NiuWSmfdWCmYGDQtlPABFHN7HyD5
-* https://pumascan.com/resources/cloud-security-instance-metadata/
\ No newline at end of file
+* [An introduction to penetration testing AWS - Graceful Security](https://www.gracefulsecurity.com/an-introduction-to-penetration-testing-aws/)
+* [Cloud Shadow Admin Threat 10 Permissions Protect - CyberArk](https://www.cyberark.com/threat-research-blog/cloud-shadow-admin-threat-10-permissions-protect/)
+* [My arsenal of AWS Security tools - toniblyx](https://github.com/toniblyx/my-arsenal-of-aws-security-tools)
+* [AWS Privilege Escalation method mitigation - RhinoSecurityLabs](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/)
+* [AWS CLI Cheatsheet - apolloclark](https://gist.github.com/apolloclark/b3f60c1f68aa972d324b)
+* [Pacu Open source AWS Exploitation framework - RhinoSecurityLabs](https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/)
+* [PACU Spencer Gietzen - 30 juil. 2018](https://www.youtube.com/watch?v=XfetW1Vqybw&feature=youtu.be&list=PLBID4NiuWSmfdWCmYGDQtlPABFHN7HyD5)
+* [Cloud security instance metadata - PumaScan](https://pumascan.com/resources/cloud-security-instance-metadata/)
\ No newline at end of file
diff --git a/Methodology and Resources/Cloud - Azure.md b/Methodology and Resources/Cloud - Azure Pentest.md
similarity index 90%
rename from Methodology and Resources/Cloud - Azure.md
rename to Methodology and Resources/Cloud - Azure Pentest.md
index f7363f7..54aec01 100644
--- a/Methodology and Resources/Cloud - Azure.md
+++ b/Methodology and Resources/Cloud - Azure Pentest.md
@@ -389,7 +389,7 @@ NOTE: By default, O365 has a lockout policy of 10 tries, and it will lock out an
2
firstname.lastname@domain.com
Federated
- axa.com
+ domain.com
-1
https://fws.domain.com/o365/visfed/intrdomain/se/?username=firstname.lastname%40domain.com&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=
@@ -400,13 +400,13 @@ NOTE: By default, O365 has a lockout policy of 10 tries, and it will lock out an
## References
-* https://www.gracefulsecurity.com/an-introduction-to-pentesting-azure/
-* https://blog.netspi.com/running-powershell-scripts-on-azure-vms/
-* https://blog.netspi.com/attacking-azure-cloud-shell/
-* https://blog.netspi.com/maintaining-azure-persistence-via-automation-accounts/
-* https://www.smartspate.com/detecting-an-attacks-on-active-directory-with-azure/
-* Azure AD Overview www.youtube.com/watch?v=l_pnNpdxj20
-* Windows Azure Active Directory in plain English www.youtube.com/watch?v=IcSATObaQZE
-* Building Free Active Directory Lab in Azure https://medium.com/@kamran.bilgrami/ethical-hacking-lessons-building-free-active-directory-lab-in-azure-6c67a7eddd7f
-* https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a
-* https://blog.xpnsec.com/azuread-connect-for-redteam/
\ No newline at end of file
+* [An introduction to penetration testing Azure - Graceful Security](https://www.gracefulsecurity.com/an-introduction-to-penetration-testing-azure/)
+* [Running POwershell scripts on Azure VM - Netspi](https://blog.netspi.com/running-powershell-scripts-on-azure-vms/)
+* [Attacking Azure Cloud shell - Netspi](https://blog.netspi.com/attacking-azure-cloud-shell/)
+* [Maintaining Azure Persistence via automation accounts - Netspi](https://blog.netspi.com/maintaining-azure-persistence-via-automation-accounts/)
+* [Detecting an attacks on active directory with Azure - Smartspate](https://www.smartspate.com/detecting-an-attacks-on-active-directory-with-azure/)
+* [Azure AD Overview](https://www.youtube.com/watch?v=l_pnNpdxj20)
+* [Windows Azure Active Directory in plain English](https://www.youtube.com/watch?v=IcSATObaQZE)
+* [Building Free Active Directory Lab in Azure - @kamran.bilgrami](https://medium.com/@kamran.bilgrami/ethical-hacking-lessons-building-free-active-directory-lab-in-azure-6c67a7eddd7f)
+* [Attacking Azure/Azure AD and introducing Powerzure - SpecterOps](https://posts.specterops.io/attacking-azure-azure-ad-and-introducing-powerzure-ca70b330511a)
+* [Azure AD connect for RedTeam - @xpnsec](https://blog.xpnsec.com/azuread-connect-for-redteam/)
\ No newline at end of file