文档手册
欺骗的艺术
Web安全渗透剖析
Web应用漏洞侦测与防御
无线网络安全攻防实战进阶
论PHP常见的漏洞
Android 渗透测试手册
Python高级与网络编程
Nmap参考指南
Wireshark 用户手册
Web Hacking 101 中文版
渗透测试学习手册(中文)
浅入浅出Android安全
全网最强渗透知识库HackTricks
The Hacker Recipes(红队技巧手册)
Pentest Book(渗透测试权威指南)
RedTeam2.0(红队笔记)
AD域渗透专项英文参考
C2Matrix(C2工具大全)
OSCP备考笔记
Hack The Box OSCP Preparation
Micro8技术笔记
攻防实录:渗透测试从0-1
WIN系统安全加固手册
应急响应手册在线阅读
WebShell免杀PHP手册
简要基础命令速查笔记
Java安全知识体系合集
Go安全知识体系合集
Go安全开发逆向结合
Web3区块链安全合集
PHP安全知识体系合集
云安全方向的知识文库
CTF从入门到快速放弃
Cobalt Strike使用手册
区块链黑暗森林自救手册
小迪安全知识库
-
+
首页
云安全方向的知识文库
云安全方向的知识文库
项目地址:https://wiki.teamssix.com/ 注意 * T Wiki 由 TeamsSix 搭建并运营,T Wiki 仅可用于安全从业人员或者网络安全兴趣爱好者查阅资料使用。 * 不可将 T Wiki 直接或间接的用于违法犯罪目的,如若本文库被不法分子用于非法用途,文章作者不为此承担任何责任,TeamsSix 拥有最终修改和解释权。 * T Wiki 遵循 [CC BY-NC 4.0 (opens new window)](http://creativecommons.org/licenses/by-nc/4.0/)国际许可协议,有以下几点需要注意: * T Wiki 内的文章不得用于商业用途 * 文章中如无特殊声明则默认表示 TeamsSix 是该文的作者 * 如欲转载此文库中的文章,需注明来源和作者,如果对文章内容进行了修改则需要对修改的地方进行说明 ## 0x01 资料 📚 ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_1-%E7%BB%BC%E5%90%88)1 综合 * T Wiki 云安全知识文库 🔥 [地址(opens new window)](https://wiki.teamssix.com/) * Hacking The Cloud(英文) [地址(opens new window)](https://hackingthe.cloud/) * Cloud Security Wiki By NotSoSecure(英文)[地址(opens new window)](https://cloudsecwiki.com/index.html) * Cloud Security Wiki By WithSecure(英文)[地址 (opens new window)](https://www.secwiki.cloud/)`由「Kagantua」师傅补充,感谢支持` * 云服务漏洞库(英文)[地址(opens new window)](https://www.cloudvulndb.org/) * 2021 年云安全事件回顾(英文)[地址(opens new window)](https://blog.christophetd.fr/cloud-security-breaches-and-vulnerabilities-2021-in-review/) * 云渗透技巧 HackTricks Cloud(英文)[地址(opens new window)](https://cloud.hacktricks.xyz/) * 云风险百科(英文)[地址(opens new window)](https://orca.security/resources/cloud-risk-encyclopedia/) * 火线云安全知识库 [地址(opens new window)](https://cloudsec.huoxian.cn/) * 云安全文库(英文)[地址(opens new window)](https://cloudsecdocs.com/) * Sysdig 2023 年全球云威胁报告(英文) [地址(opens new window)](https://sysdig.com/blog/2023-global-cloud-threat-report) * 云渗透笔记 CloudPentestCheatsheets(英文)[地址 (opens new window)](https://github.com/dafthack/CloudPentestCheatsheets) `由「Kfzz1」师傅补充,感谢支持` * AWS 攻击知识库 WeirdAAL (英文) [地址 (opens new window)](https://github.com/carnal0wnage/weirdAAL) * T Wiki 云安全知识文库项目 [地址 (opens new window)](https://github.com/teamssix/TWiki) `T Wiki 文库现已开源,可部署到自己本地方便内网阅读` * 云安全入门资料 [地址 (opens new window)](https://github.com/Esonhugh/Attack_Code) * 云安全向导 [地址 (opens new window)](https://github.com/GRQForCloud/cloud-security-guides) ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_2-%E5%8D%9A%E5%AE%A2%E8%B5%84%E8%AE%AF)2 博客资讯 * 0xd4y 博客(英文)[地址(opens new window)](https://0xd4y.com/) * Aqua 博客(英文)[地址(opens new window)](https://blog.aquasec.com/) * AWS 安全公告(英文)[地址(opens new window)](https://aws.amazon.com/security/security-bulletins) * Bridgecrew 博客(英文)[地址(opens new window)](https://bridgecrew.io/blog/) * Christophe Tafani-Dereeper 博客(英文)[地址(opens new window)](https://blog.christophetd.fr/) * Chris Farris 的个人博客(英文)[地址(opens new window)](https://www.chrisfarris.com/) * CIS Benchmarks 下载页(英文)[地址(opens new window)](https://downloads.cisecurity.org/) * CNCF 博客(英文)[地址(opens new window)](https://www.cncf.io/blog/) * Deepfence 博客(英文)[地址(opens new window)](https://deepfence.io/blog/) * DevOps 安全博客(英文)[地址(opens new window)](https://www.conjur.org/blog/) * DevOps 资讯(英文)[地址(opens new window)](https://devops.com/) * Ermetic 博客(英文)[地址(opens new window)](https://ermetic.com/blog) * Gafnit Amiga 的个人博客(英文)[地址(opens new window)](https://gafnit.blog/) * HashiCorp 博客(英文)[地址(opens new window)](https://www.hashicorp.com/blog) * Humanitec 博客(英文)[地址(opens new window)](https://humanitec.com/blog) * Lacework 博客(英文)[地址(opens new window)](https://www.lacework.com/blog/) * Lightspin 博客(英文)[地址(opens new window)](https://blog.lightspin.io/) * Mystic0x1 博客(英文)[地址(opens new window)](https://mystic0x1.github.io/) * Nick Frichette 的个人博客(英文)[地址(opens new window)](https://frichetten.com/) * Orca 博客(英文)[地址(opens new window)](https://orca.security/resources/blog/) * PeoplActive 博客(英文)[地址(opens new window)](https://peoplactive.com/blog/) * Praetorian 博客(英文)[地址(opens new window)](https://www.praetorian.com/blog) * Rhino Security Labs 博客(英文)[地址(opens new window)](https://rhinosecuritylabs.com/blog/?category=cloud-security) * Sysdig 云安全报告资讯(英文)[地址(opens new window)](https://sysdig.com/resources/reports/) * Sysdig 博客(英文)[地址(opens new window)](https://sysdig.com/blog/) * TeamsSix 的个人博客 [地址(opens new window)](https://teamssix.com/) * Trend Micro 博客(英文)[地址(opens new window)](https://www.trendmicro.com/en_us/devops.html) * WIZ 博客(英文)[地址(opens new window)](https://www.wiz.io/blog/) * 安全大道资讯(英文)[地址(opens new window)](https://securityboulevard.com/cloud-security/) * 福布斯 Cloud 100(英文)[地址(opens new window)](https://forbes.com/lists/cloud100/) * 火线安全每日云安全资讯 [地址(opens new window)](https://cloudsec.huoxian.cn/docs/information) * 绿盟技术博客 [地址(opens new window)](http://blog.nsfocus.net/tag/%e4%ba%91%e5%ae%89%e5%85%a8/) * 容器杂志资讯(英文)[地址(opens new window)](https://containerjournal.com/) * 腾讯云鼎每日云安全资讯 [地址(opens new window)](https://cloudsec.tencent.com/info/list.html) * 云安全资讯(每周更新一次)(英文)[地址(opens new window)](https://cloudseclist.com/past-issues) * 云计算市场资讯(英文)[地址(opens new window)](https://interconnected.blog/tag/cloud-industry) * 云原生实验室博客 [地址 (opens new window)](https://icloudnative.io/)`由「DVKunion」师傅补充,感谢支持` ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_3-%E5%85%AC%E4%BC%97%E5%8F%B7)3 公众号 * TeamsSix * 火线 Zone * 云鼎实验室 * 绿盟科技研究通讯 * 默安逐日实验室 * Linux 云计算网络 `由「zxynull」师傅补充,感谢支持` * 云原生技术社区 `由「zxynull」师傅补充,感谢支持` * 进击云原生 `由「zxynull」师傅补充,感谢支持` * CNCF * 容器魔方 * 云计算D1net * 云原生社区动态 * 大可不加冰 * 小佑科技 `由「宅独青年」师傅补充,感谢支持` * 喵苗安全 `由「Yaney」师傅补充,感谢支持` * Bypass `由「glan」师傅补充,感谢支持` ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_4-%E6%8E%A8%E7%89%B9)4 推特 * 0xd4y [(opens new window)](https://twitter.com/0xd4y) * Andy Robbins [(opens new window)](https://twitter.com/_wald0) * Beau Bullock [(opens new window)](https://twitter.com/dafthack) * Chris Farris [(opens new window)](https://twitter.com/jcfarris) * Christophe Tafani-Dereeper [(opens new window)](https://twitter.com/christophetd) * Dirk-jan [(opens new window)](https://twitter.com/_dirkjan) * Dr. Nestori Syynimaa [(opens new window)](https://twitter.com/DrAzureAD) * Emilien Socchi [(opens new window)](https://twitter.com/emiliensocchi) * Fabian Bader [(opens new window)](https://twitter.com/fabian_bader) * Fawaz [(opens new window)](https://twitter.com/0xFawaz) * gafnit [(opens new window)](https://twitter.com/gafnitav) * inversecosᵘʷᵘ [(opens new window)](https://twitter.com/inversecos) * Jason Ostrom [(opens new window)](https://twitter.com/securitypuck) * Joosua Santasalo [(opens new window)](https://twitter.com/SantasaloJoosua) * Karl [(opens new window)](https://twitter.com/kfosaaen) * Kfzz1 [(opens new window)](https://twitter.com/Kfzz12) * Liv Matan [(opens new window)](https://twitter.com/terminatorLM) * Marco Lancini [(opens new window)](https://twitter.com/lancinimarco) * Melvin langvik [(opens new window)](https://twitter.com/Flangvik) * Merill [(opens new window)](https://twitter.com/merill) * mx7krshell [(opens new window)](https://twitter.com/mx7krshell) * Nathan McNulty [(opens new window)](https://twitter.com/NathanMcNulty) * Nick Frichette [(opens new window)](https://twitter.com/Frichette_n) * Nikhil Mittal [(opens new window)](https://twitter.com/nikhil_mitt) * Nir Ohfeld [(opens new window)](https://twitter.com/nirohfeld) * Raunak Parmar [(opens new window)](https://twitter.com/trouble1_raunak) * Rhino Security Labs [(opens new window)](https://twitter.com/RhinoSecurity) * Roberto Rodriguez [(opens new window)](https://twitter.com/Cyb3rWard0g) * rootsecdev [(opens new window)](https://twitter.com/rootsecdev) * rvrsh3ll [(opens new window)](https://twitter.com/424f424f) * Ryan Hausknecht [(opens new window)](https://twitter.com/Haus3c) * Sami Lamppu [(opens new window)](https://twitter.com/samilamppu) * Sean Metcalf [(opens new window)](https://twitter.com/PyroTek3) * Seth Art [(opens new window)](https://twitter.com/sethsec) * Shir Tamari [(opens new window)](https://twitter.com/shirtamari) * Simon Décosse [(opens new window)](https://twitter.com/simondotsh) * Skyworship [(opens new window)](https://twitter.com/Skyworship2) * Thomas Naunheim [(opens new window)](https://twitter.com/Thomas_Live) ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_5-%E4%B9%A6%E7%B1%8D)5 书籍 * 《云原生安全-攻防实践与体系构建》 * 《Hacking Kubernetes》 * 《Hands-On AWS Penetration Testing with Kali Linux》 ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_6-%E8%A7%86%E9%A2%91)6 视频 * 0xd4y 频道(英文)[地址(opens new window)](https://www.youtube.com/@0xd4y) * CNCF 频道(英文)[地址(opens new window)](https://youtube.com/@cncf) * WIZ 频道(英文)[地址(opens new window)](https://www.youtube.com/@wizsecurity) * 火线云安全沙龙视频 [地址(opens new window)](https://space.bilibili.com/503330419) ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_7-%E8%AF%81%E4%B9%A6)7 证书 * AWS 安全认证-专业 AWS Certified Security - Specialty [地址(opens new window)](https://aws.amazon.com/certification/certified-security-specialty/) * AWS 认证解决方案架构师-助理 AWS Certified Solutions Architect – Associate [地址(opens new window)](https://aws.amazon.com/cn/certification/certified-solutions-architect-associate/) * Azure 基础知识认证 Azure Fundamentals [地址(opens new window)](https://learn.microsoft.com/certifications/azure-fundamentals/) * Azure 安全工程师助理 Azure Security Engineer Associate [地址(opens new window)](https://learn.microsoft.com/certifications/azure-security-engineer/) * CompTIA Cloud+ [地址(opens new window)](https://www.comptia.org/certifications/cloud) * GCP 专业云安全工程师 GCP Professional Cloud Security Engineer [地址(opens new window)](https://cloud.google.com/learn/certification/cloud-security-engineer) * GCP 云工程师助理 Associate Cloud Engineer [地址(opens new window)](https://cloud.google.com/learn/certification/cloud-engineer) * Kubernetes 认证安全专家 Certified Kubernetes Security Specialist (CKS) [地址(opens new window)](https://training.linuxfoundation.org/certification/certified-kubernetes-security-specialist/) * 认证云安全专家 Certified Cloud Security Professional (CCSP) [地址(opens new window)](https://www.isc2.org/Certifications/CCSP) * 阿里云专业工程师 Alibaba Cloud Certified Professional (ACP) [地址(opens new window)](https://edu.aliyun.com/certification) * 阿里云云计算架构师 Alibaba Cloud Certified Expert - Cloud Computing (ACE) [地址(opens new window)](https://edu.aliyun.com/certification/ace01) * 阿里云助理工程师 Alibaba Cloud Certified Associate (ACA) [地址(opens new window)](https://edu.aliyun.com/certification) ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_8-%E4%BA%91%E6%9C%8D%E5%8A%A1%E6%96%87%E7%AB%A0)8 云服务文章 **综合** * 浅谈云上攻防——云服务器攻防矩阵 [地址(opens new window)](https://cloud.tencent.com/developer/article/1931560) * 浅谈云上攻防——对象存储服务访问策略评估机制研究 [地址(opens new window)](https://mp.weixin.qq.com/s/ncWGrMsIAvh9HEK1QC5IGQ) * 红队视角下的公有云基础组件安全 [地址(opens new window)](https://mp.weixin.qq.com/s/r0DuASP6gH_48b5sJ1DCTw) * 红队视角下的公有云基础组件安全(二)[地址(opens new window)](https://mp.weixin.qq.com/s/lL32lywlrnuyhJkQk5NAEw) * 公有云 IP 重用的威胁和防御方法分析 Paper(英文)[地址(opens new window)](https://arxiv.org/pdf/2204.05122.pdf) * 企业迁移到公有云之前要问的5个问题 [地址(opens new window)](http://www.d1net.com/cloud/news/574569.html) * 云上攻防:RED TEAMING FOR CLOUD [地址(opens new window)](http://avfisher.win/archives/1175) * 云上攻防二三事(续)[地址(opens new window)](http://avfisher.win/archives/1331) * 云计算隔离问题:PostgreSQL 的漏洞影响到多个云计算供应商(英文)[地址(opens new window)](https://www.wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities) * 常规云服务业务侧攻防视角研究 [地址(opens new window)](https://mp.weixin.qq.com/s/2yaQ_W5K7BfmycMO2UcXJg) * 云安全学习建议与方向(英文)[地址(opens new window)](https://www.nojones.net/posts/breaking-into-cloudsec) * 60 种云攻击的方法(英文)[地址 (opens new window)](https://redteamrecipe.com/60-methods-for-cloud-attacksrtc0009)`由「程皮糖别皮」师傅补充,感谢支持` * 云服务安全漏洞汇总 [地址 (opens new window)](https://github.com/hashishrajan/cloud-security-vulnerabilities) * Lightspin 2022 年 7 大云攻击路径(英文) [地址 (opens new window)](https://github.com/lightspin-tech/lightspin-2022-top-7-attack-paths) **AWS** * AWS S3 对象存储攻防 [地址(opens new window)](https://zone.huoxian.cn/d/907-aws-s3) * AWS EC2 弹性计算服务攻防 [地址(opens new window)](https://zone.huoxian.cn/d/1022-aws-ec2) * 针对 AWS Lambda 的运行时攻击 [地址(opens new window)](https://mp.weixin.qq.com/s/duF1Z0EDC3n_G378Aq_XYA) * 利用 AWS RDS 读取实例凭证(英文)[地址(opens new window)](https://blog.lightspin.io/aws-rds-critical-security-vulnerability) * 利用 AWS RDS 读取实例凭证(中文翻译)[地址(opens new window)](https://zone.huoxian.cn/d/1141-aws-rdsaws) * 风险最高的 10 种 AWS 配置错误 [地址(opens new window)](https://mp.weixin.qq.com/s/quIpapbkFNay0JtUK4wODQ) * 在 AWS 下查看自己所拥有的权限 [地址(opens new window)](https://wiki.teamssix.com/CloudService/IAM/list-attached-user-policies.html) * AWS 枚举(第一部分)(英文)[地址(opens new window)](https://securitycafe.ro/2022/11/01/aws-enumeration-part-1/) * 当 0day 和访问密钥在云上被结合利用时:应对 SugarCRM 0day 漏洞 (英文) [地址(opens new window)](https://unit42.paloaltonetworks.com/sugarcrm-cloud-incident-black-hat/) * 利用 AWS 官方对 log4j 漏洞的热补丁实现容器逃逸(英文)[地址(opens new window)](https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities/) * AWS 创建后门的几种方法(英文)[地址(opens new window)](https://mystic0x1.github.io/posts/methods-to-backdoor-an-aws-account) * AWS 权限提升(英文)[地址 (opens new window)](https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation) **Azure** * 微软云 对象存储攻防 [地址(opens new window)](https://zone.huoxian.cn/d/940) * 微软云 VM 攻防 [地址(opens new window)](https://zone.huoxian.cn/d/1083-vm) * Azure Cloud Shell 命令注入窃取用户的访问令牌(英文)[地址(opens new window)](https://blog.lightspin.io/azure-cloud-shell-command-injection-stealing-users-access-tokens) * Azure 资源收集项目 Awesome-Azure-Pentest [地址 (opens new window)](https://github.com/Kyuu-Ji/Awesome-Azure-Pentest) `由「橘子怪」师傅补充,感谢支持` **GCP** * 谷歌云 对象存储攻防 [地址(opens new window)](https://zone.huoxian.cn/d/931) * 谷歌云 Compute Engine 攻防 [地址(opens new window)](https://zone.huoxian.cn/d/1043-compute-engine) * Google Cloud Shell 命令注入(英文)[地址(opens new window)](https://bugra.ninja/posts/cloudshell-command-injection) * GCP 渗透测试笔记(英文)[地址(opens new window)](https://0xd4y.com/2022/10/01/GCP-Penetration-Testing-Notes/) **阿里云** * 阿里云 OSS 对象存储攻防 [地址(opens new window)](https://zone.huoxian.cn/d/918-oss) * 阿里云 ECS 攻防 [地址(opens new window)](https://zone.huoxian.cn/d/1064-ecs) * 从云服务器 SSRF 漏洞到接管你的阿里云控制台 [地址(opens new window)](https://wiki.teamssix.com/CloudService/EC2/aliyun-console-takeover.html) * 我用 CF 打穿了他的云上内网 [地址(opens new window)](https://zone.huoxian.cn/d/1341-cf) * 记录一次平平无奇的云上攻防过程 [地址(opens new window)](https://zone.huoxian.cn/d/2557) * 一次简单的"云"上野战记录 [地址(opens new window)](https://mp.weixin.qq.com/s/wi8CoNwdpfJa6eMP4t1PCQ) * 记一次打穿云上内网的攻防实战 [地址(opens new window)](https://zone.huoxian.cn/d/2766) **腾讯云** * 腾讯云 COS 对象存储攻防 [地址(opens new window)](https://zone.huoxian.cn/d/949-cos) * 腾讯云服务器攻防(CVM+轻量应用服务器)[地址(opens new window)](https://zone.huoxian.cn/d/1028-cvm) **华为云** * 华为云 OBS 对象存储攻防 [地址(opens new window)](https://zone.huoxian.cn/d/962-obs) * 华为云 ECS 弹性云服务器攻防 [地址(opens new window)](https://zone.huoxian.cn/d/1074-ecs) * 华为云 CTF cloud 非预期解之 k8s 渗透实战 [地址(opens new window)](https://annevi.cn/2020/12/21/%E5%8D%8E%E4%B8%BA%E4%BA%91ctf-cloud%E9%9D%9E%E9%A2%84%E6%9C%9F%E8%A7%A3%E4%B9%8Bk8s%E6%B8%97%E9%80%8F%E5%AE%9E%E6%88%98/) ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_9-%E4%BA%91%E5%8E%9F%E7%94%9F%E6%96%87%E7%AB%A0)9 云原生文章 **综合** * 红蓝对抗中的云原生漏洞挖掘及利用实录 [地址(opens new window)](https://security.tencent.com/index.php/blog/msg/183) * CIS 基准检测手册(英文) [地址 (opens new window)](https://www.cisecurity.org/benchmark/kubernetes)`由「zhengjim」师傅补充,感谢支持` * 浅谈 Linux Cgroup 机制 [地址 (opens new window)](https://zhuanlan.zhihu.com/p/81668069)`由「zxynull」师傅补充,感谢支持` * 保障云和容器安全的十个注意事项(英文)[地址(opens new window)](https://sysdig.com/blog/considerations-securing-cloud-containers/) * CNCF 云原生安全白皮书 v2 [地址(opens new window)](https://github.com/cncf/tag-security/tree/main/security-whitepaper/v2) * awesome-cloud-native-security from Metarget [地址 (opens new window)](https://github.com/Metarget/awesome-cloud-native-security) **Docker** * 特权模式下 Docker 逃逸手法总结 [地址(opens new window)](https://zone.huoxian.cn/d/1071-docker) * 容器逃逸方法检测指北(附检测脚本)[地址(opens new window)](https://zone.huoxian.cn/d/990) * Docker 核心技术与实现原理 [地址 (opens new window)](https://draveness.me/docker/)`由「zxynull」师傅补充,感谢支持` * 容器安全清单 container-security-checklist [地址 (opens new window)](https://github.com/krol3/container-security-checklist) `由「zxynull」师傅补充,感谢支持` **Kubernetes** * 利用 gateway-api,我支配了 kubernetes [地址(opens new window)](https://mp.weixin.qq.com/s/Y4F72s0JSyvjLBN3iNyUZg) * 浅析 k8s 各种未授权攻击方法 [地址(opens new window)](https://zone.huoxian.cn/d/1153-k8s) * 云原生之 Kubernetes 安全 [地址(opens new window)](https://forum.butian.net/share/1095) * RCE 进入内网接管 K8s 并逃逸进 xx 网 [地址(opens new window)](https://mp.weixin.qq.com/s/UvjKHaVzhluc22trF46uBA) * 从零开始的 Kubernetes 攻防 [地址 (opens new window)](https://github.com/neargle/my-re0-k8s-security) **eBPF** * 使用 eBPF 逃逸容器技术分析与实践 [地址 (opens new window)](https://security.tencent.com/index.php/blog/msg/206)`由「zxynull」师傅补充,感谢支持` * 内核态 eBPF 程序实现容器逃逸与隐藏账号rootkit [地址 (opens new window)](https://www.cnxct.com/container-escape-in-linux-kernel-space-by-ebpf/?f=wb&continueFlag=0ba98c50fdecece390192b7dd4adf11d)`由「zxynull」师傅补充,感谢支持` * 基于 eBPF 实现容器运行时安全 [地址 (opens new window)](https://www.ebpf.top/post/ebpf_container_security/)`由「zxynull」师傅补充,感谢支持` * 初探 eBPF [地址(opens new window)](https://mp.weixin.qq.com/s/GvWKY4M5YvorC4JF2ztUvQ) **Terraform** * Terraform 中文教程 [地址(opens new window)](https://lonegunmanb.github.io/introduction-terraform/) * Terraform 使用入门以及在云上攻防中的作用 [地址(opens new window)](https://wiki.teamssix.com/CloudNative/Terraform/terraform-introductory.html) **APISIX** * APISIX CVE-2022-29266 漏洞分析与复现 [地址(opens new window)](https://mp.weixin.qq.com/s/Un-9y_UhWDw9svHKb-JQVQ) **CI/CD** * CI/CD 攻击场景 - KCon 2023 议题 [地址 (opens new window)](https://github.com/knownsec/KCon/blob/master/2023/CICD%E6%94%BB%E5%87%BB%E5%9C%BA%E6%99%AF.pdf)`由「宅独青年」师傅补充,感谢支持` ## [#](https://wiki.teamssix.com/CloudSecurityResources/#_0x02-%E5%B7%A5%E5%85%B7)0x02 工具 🛠 ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_1-%E4%BA%91%E6%9C%8D%E5%8A%A1%E5%B7%A5%E5%85%B7)1 云服务工具 #### [#](https://wiki.teamssix.com/CloudSecurityResources/#%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7)辅助工具 **综合** * 在线搜索目标网站下的云资产 recon.cloud [地址(opens new window)](https://recon.cloud/) * 在线多云管理平台 行云管家 [地址 (opens new window)](https://www.cloudbility.com/)`由「半人间丶」师傅补充,感谢支持` * AK 等敏感信息查找工具 trufflehog [地址 (opens new window)](https://github.com/trufflesecurity/trufflehog) * 多云基线扫描工具 ScoutSuite [地址 (opens new window)](https://github.com/nccgroup/ScoutSuite) * 云安全态势管理工具 CloudSploit [地址 (opens new window)](https://github.com/aquasecurity/cloudsploit) `由「da Vinci【达文西】」师傅补充,感谢支持` * 基础设施关系绘制工具 Cartography [地址 (opens new window)](https://github.com/lyft/cartography) * 多云对象存储管理工具 qiniuClient [地址 (opens new window)](https://github.com/willnewii/qiniuClient) `由「半人间丶」师傅补充,感谢支持` * 云渗透信息收集工具 cloudfox [地址 (opens new window)](https://github.com/BishopFox/cloudfox) * 云服务资源枚举工具 cloud\_enum [地址 (opens new window)](https://github.com/initstring/cloud_enum) * 开源多云安全合规扫描平台 RiskScanner [地址 (opens new window)](https://github.com/riskscanner/riskscanner) `由「想走安全的小白」师傅补充,感谢支持` * 多云对象存储扫描工具 Cloud-Bucket-Leak-Detection-Tools [地址 (opens new window)](https://github.com/UzJu/Cloud-Bucket-Leak-Detection-Tools) * 适用于 AWS 和 Azure 的扫描工具 SkyArk [地址 (opens new window)](https://github.com/cyberark/SkyArk) * 云上公开资产枚举 CloudBrute [地址 (opens new window)](https://github.com/0xsha/CloudBrute) * 多云资产收集工具 cloudlist [地址 (opens new window)](https://github.com/projectdiscovery/cloudlist) `由「Kfzz1」师傅补充,感谢支持` * 权限升级路径分析工具 PurplePanda [地址 (opens new window)](https://github.com/carlospolop/PurplePanda) * 云上攻击模拟工具 Leonidas [地址 (opens new window)](https://github.com/WithSecureLabs/leonidas) * 开源的轻量级云管平台 CloudExplorer Lite [地址 (opens new window)](https://github.com/CloudExplorer-Dev/CloudExplorer-Lite) * 红队云操作系统 RedCloudOS [地址 (opens new window)](https://github.com/RedTeamOperations/RedCloud-OS) * 云资产管理工具 cloudTools [地址 (opens new window)](https://github.com/dark-kingA/cloudTools) `由「弱鸡」师傅补充,感谢支持` * 云服务枚举工具 cloud service enum [地址 (opens new window)](https://github.com/NotSoSecure/cloud-service-enum) **AWS** * 在线搜索公开的存储桶 buckets.grayhatwarfare.com [地址(opens new window)](https://buckets.grayhatwarfare.com/) * AWS 文档 GPT 工具 [地址(opens new window)](https://www.awsdocsgpt.com/) * AWS S3 浏览器 S3 Browser [地址 (opens new window)](https://s3browser.com/)`由「Poker」师傅补充,感谢支持` * 本地 AWS 环境部署工具 LocalStack [地址 (opens new window)](https://github.com/localstack/localstack) `由「Esonhugh」师傅补充,感谢支持` * AWS 官方 CLI 工具 [地址 (opens new window)](https://github.com/aws/aws-cli) * AWS 环境分析工具 CloudMapper [地址 (opens new window)](https://github.com/duo-labs/cloudmapper) * S3 策略扫描工具 S3Scanner [地址 (opens new window)](https://github.com/sa7mon/S3Scanner) * AWS IAM 权限枚举工具 Principal Mapper [地址 (opens new window)](https://github.com/nccgroup/PMapper) * AWS IAM 权限枚举工具 enumerate-iam [地址 (opens new window)](https://github.com/andresriancho/enumerate-iam) * S3 公开存储桶密钥扫描工具 S3cret Scanner [地址 (opens new window)](https://github.com/Eilonh/s3crets_scanner) * AWS 常见配置错误审计工具 YATAS [地址 (opens new window)](https://github.com/padok-team/yatas) * 检测多云环境中存在 dangling DNS 记录的工具 findmytakeover [地址 (opens new window)](https://github.com/anirudhbiyani/findmytakeover) * Route53/CloudFront 漏洞评估工具 [地址 (opens new window)](https://github.com/prevade/cloudjack) * CloudTrail 日志分析 IAM 权限工具 Cloudtrail2IAM [地址 (opens new window)](https://github.com/carlospolop/Cloudtrail2IAM) **Azure** * Azure 官方 CLI 工具 [地址 (opens new window)](https://github.com/Azure/azure-cli) * Azure MFA 检测工具 [地址 (opens new window)](https://github.com/dafthack/MFASweep) * Azure AD 和 Office 365 的 PowerShell 管理模块 AADInternals [地址 (opens new window)](https://github.com/Gerenios/AADInternals) * BloodHound 收集 Azure 数据工具 AzureHound [地址 (opens new window)](https://github.com/BloodHoundAD/AzureHound) `由「Kfzz1」师傅补充,感谢支持` * Azure AD 信息收集工具 AzureGraph [地址 (opens new window)](https://github.com/JoelGMSec/AzureGraph) `由「Kfzz1」师傅补充,感谢支持` **GCP** * GCP 官方 CLI 工具 [地址(opens new window)](https://cloud.google.com/sdk/gcloud/) * GCP 资源枚举工具 [地址(opens new window)](https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_enum) * GCP 攻击面资源枚举工具 [地址(opens new window)](https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_firewall_enum) * GCP 资源分析工具 Hayat [地址 (opens new window)](https://github.com/DenizParlak/hayat) * GCP IAM 权限收集工具 gcp-iam-collector [地址 (opens new window)](https://github.com/marcin-kolda/gcp-iam-collector) * Google Workspace 目录转储工具 Google Workspace Directory Dump Tool [地址 (opens new window)](https://github.com/RedTeamOperations/GoogleWorkspaceDirectoryDump) **阿里云** * 阿里云官方 OSS 管理工具 [地址 (opens new window)](https://github.com/aliyun/oss-browser) `由「半人间丶」师傅补充,感谢支持` * 阿里云官方 CLI 工具 [地址 (opens new window)](https://github.com/aliyun/aliyun-cli) **腾讯云** * 腾讯云轻量服务器管理工具 [地址 (opens new window)](https://www.qqvps.com/d/1011)`由「tanger」师傅补充,感谢支持` * 腾讯云官方 COS 辅助工具 [地址 (opens new window)](https://cosbrowser.cloud.tencent.com/)`由「Esonhugh」师傅补充,感谢支持` * 腾讯云官方 CLI 工具 [地址 (opens new window)](https://github.com/TencentCloud/tencentcloud-cli) **华为云** * 华为云 OBS 官方管理工具 OBS Browser+ [地址(opens new window)](https://support.huaweicloud.com/browsertg-obs/obs_03_1003.html) **天翼云** * 天翼云对象存储连接工具 [地址(opens new window)](https://www.ctyun.cn/document/10000101/10006768) **青云** * 青云官方 CLI 工具 [地址 (opens new window)](https://docsv4.qingcloud.com/user_guide/development_docs/cli/install/install)`由 「苏打养乐多」师傅补充,感谢支持` #### [#](https://wiki.teamssix.com/CloudSecurityResources/#%E5%88%A9%E7%94%A8%E5%B7%A5%E5%85%B7)利用工具 **多云** * 阿里云/腾讯云 AK 资源管理工具 [地址 (opens new window)](https://github.com/wyzxxz/aksk_tool) `由「Esonhugh」师傅补充,感谢支持` * 支持 GUI 的 AWS、GCP 利用工具 Vajra [地址 (opens new window)](https://github.com/TROUBLE-1/Vajra) `由「Kfzz1」师傅补充,感谢支持` **AWS** * AWS 综合利用工具 pacu [地址 (opens new window)](https://github.com/RhinoSecurityLabs/pacu) * AWS 渗透工具集 aws-pentest-tools [地址 (opens new window)](https://github.com/RhinoSecurityLabs/Security-Research/tree/master/tools/aws-pentest-tools) * AWS Lambda 密码喷洒工具 CredKing [地址 (opens new window)](https://github.com/ustayready/CredKing) * AWS AccessKey 泄漏利用工具 awsKeyTools [地址 (opens new window)](https://github.com/Aabyss-Team/awsKeyTools) `由「1derian」和「ShangRui-hash」师傅联合补充,感谢支持` * AWS 渗透测试工具 Endgame [地址 (opens new window)](https://github.com/DavidDikker/endgame) * AWS 控制台接管利用工具 aws\_consoler [地址 (opens new window)](https://github.com/NetSPI/aws_consoler) * AWS 红队利用脚本 Redboto [地址 (opens new window)](https://github.com/ihamburglar/Redboto) * AWS 域控卷影拷贝工具 CloudCopy [地址 (opens new window)](https://github.com/Static-Flow/CloudCopy) **Azure** * Azure 安全评估 PowerShell 工具包 MicroBurst [地址 (opens new window)](https://github.com/NetSPI/MicroBurst) * Azure 红队利用工具 Stormspotter [地址 (opens new window)](https://github.com/Azure/Stormspotter) `由「da Vinci【达文西】」师傅补充,感谢支持` * Azure AD 利用工具集 ROADtools [地址 (opens new window)](https://github.com/dirkjanm/ROADtools) * 枚举、喷洒、渗透 O365 AAD 帐户工具 TeamFiltration [地址 (opens new window)](https://github.com/Flangvik/TeamFiltration) * Azure JWT 令牌操作工具集 TokenTactics [地址 (opens new window)](https://github.com/rvrsh3ll/TokenTactics) * Microsoft 365 安全工具箱 DCToolbox [地址 (opens new window)](https://github.com/DanielChronlund/DCToolbox) * 滥用 Microsoft 365 OAuth 授权流程进行网络钓鱼攻击的概念验证脚本 Microsoft365\_devicePhish [地址 (opens new window)](https://github.com/optiv/Microsoft365_devicePhish) * Azure AD 身份保护 Cookie 重放测试工具 [地址 (opens new window)](https://github.com/jsa2/aadcookiespoof) * 用于攻击 Azure Function 应用程序的 PowerShell 工具 FuncoPop [地址 (opens new window)](https://github.com/NetSPI/FuncoPop) **GCP** * GCP 利用工具集 [地址(opens new window)](https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/gcp_misc) * GCP Bucket 枚举工具 GCPBucketBrute [地址 (opens new window)](https://github.com/RhinoSecurityLabs/GCPBucketBrute) * GCP IAM 权限提升方法 GCP-IAM-Privilege-Escalation [地址 (opens new window)](https://github.com/RhinoSecurityLabs/GCP-IAM-Privilege-Escalation) `由「da Vinci【达文西】」师傅补充,感谢支持` * GCP Token 复用工具 [地址 (opens new window)](https://github.com/RedTeamOperations/GCPTokenReuse) **Google Workspace** * Simple Workspace ATT&CK Tool - SWAT [地址 (opens new window)](https://github.com/elastic/SWAT) **阿里云** * 阿里云 AccessKey 利用工具 aliyun-accesskey-Tools [地址 (opens new window)](https://github.com/mrknow001/aliyun-accesskey-Tools) `由「半人间丶」师傅补充,感谢支持` * 阿里云 ECS、策略组辅助小工具 alicloud-tools [地址 (opens new window)](https://github.com/iiiusky/alicloud-tools) `由「半人间丶」师傅补充,感谢支持` * 阿里云 AccessKey 泄漏利用工具 AliyunAccessKeyTools [地址 (opens new window)](https://github.com/NS-Sp4ce/AliyunAccessKeyTools) `由「半人间丶」师傅补充,感谢支持` **腾讯云** * 腾讯云 AccessKey 利用工具 Tencent\_Yun\_tools [地址 (opens new window)](https://github.com/freeFV/Tencent_Yun_tools) ### [#](https://wiki.teamssix.com/CloudSecurityResources/#_2-%E4%BA%91%E5%8E%9F%E7%94%9F%E5%B7%A5%E5%85%B7)2 云原生工具 #### [#](https://wiki.teamssix.com/CloudSecurityResources/#%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7-2)辅助工具 **综合** * 开源的云原生安全平台 HummerRisk [地址 (opens new window)](https://github.com/HummerRisk/HummerRisk) `由「Ma1tobiose」师傅补充,感谢支持` * 开源云原生安全防护平台 neuvector [地址 (opens new window)](https://github.com/neuvector/neuvector) `由「Idle Life」师傅补充,感谢支持` **Docker** * 一个支持在线分析容器镜像的网站 contains [地址 (opens new window)](https://contains.dev/)`由「zxynull」师傅补充,感谢支持` * 容器镜像分析工具 DIVE [地址 (opens new window)](https://github.com/wagoodman/dive) `由「zxynull」师傅补充,感谢支持` * 镜像扫描工具 trivy [地址 (opens new window)](https://github.com/aquasecurity/trivy) `由「zxynull」师傅补充,感谢支持` * 容器镜像漏洞静态扫描工具 Clair [地址 (opens new window)](https://github.com/quay/clair) `由「zxynull」师傅补充,感谢支持` * 检查生产环境中部署容器的最佳实践 Docker\_Bench\_Security [地址 (opens new window)](https://github.com/docker/docker-bench-security) `由「zxynull」师傅补充,感谢支持` * 原生支持容器的系统可见性工具 sysdig [地址 (opens new window)](https://github.com/draios/sysdig) `由「zxynull」师傅补充,感谢支持` * Docker 镜像扫描工具 Anchore [地址 (opens new window)](https://github.com/anchore/syft/) `由「zxynull」师傅补充,感谢支持` * Docker 静态分析工具 Dagda [地址 (opens new window)](https://github.com/eliasgranderubio/dagda/) `由「zxynull」师傅补充,感谢支持` * 容器逃逸检测工具 container-escape-check [地址 (opens new window)](https://github.com/teamssix/container-escape-check) **Kubernetes** * 基于终端 UI 的 k8s 集群管理工具 k9s [地址 (opens new window)](https://github.com/derailed/k9s) * k8s 异常活动检测工具 Falco [地址 (opens new window)](https://github.com/falcosecurity/falco) `由「zxynull」师傅补充,感谢支持` * CIS 基准检测工具 kube bench [地址 (opens new window)](https://github.com/aquasecurity/kube-bench) `由「zhengjim」师傅补充,感谢支持` * k8s 集群安全漏洞发现工具 kube hunter [地址 (opens new window)](https://github.com/aquasecurity/kube-hunter) `由「zhengjim」师傅补充,感谢支持` * k8s 集群风险权限扫描工具 KubiScan [地址 (opens new window)](https://github.com/cyberark/KubiScan) `由「UzJu」师傅补充,感谢支持` * k8s 安全风险检测工具 StackRox [地址 (opens new window)](https://github.com/stackrox/stackrox)[工具介绍 (opens new window)](https://www.stackrox.io/blog/open-source-stackrox-is-now-available/) `由「m4d3bug」师傅补充,感谢支持` * k8s 安全审计工具 kubestriker [地址 (opens new window)](https://github.com/vchinnipilli/kubestriker) `由「zhengjim」师傅补充,感谢支持` * 基于 kubectl 的红队 k8s 安全评估工具 red kube [地址 (opens new window)](https://github.com/lightspin-tech/red-kube) `由「zhengjim」师傅补充,感谢支持` * k8s 调试辅助工具 validkube [地址 (opens new window)](https://github.com/komodorio/validkube) **Terraform** * Terraform 可视化 [地址 (opens new window)](https://github.com/hieven/terraform-visual) #### [#](https://wiki.teamssix.com/CloudSecurityResources/#%E5%88%A9%E7%94%A8%E5%B7%A5%E5%85%B7-2)利用工具 * 容器渗透工具集 CDK [地址 (opens new window)](https://github.com/cdk-team/CDK) * 容器安全工具集 veinmind-tools [地址 (opens new window)](https://github.com/chaitin/veinmind-tools) * k8s 渗透测试工具 Peirates [地址 (opens new window)](https://github.com/inguardians/peirates) `由「Idle Life」师傅补充,感谢支持` * 容器渗透测试工具 BOtB [地址 (opens new window)](https://github.com/brompwnie/botb) `由「Idle Life」师傅补充,感谢支持` * 容器利用工具 CCAT [地址 (opens new window)](https://github.com/RhinoSecurityLabs/ccat) `由「zhengjim」师傅补充,感谢支持` ## [#](https://wiki.teamssix.com/CloudSecurityResources/#_0x03-%E9%9D%B6%E5%9C%BA)0x03 靶场 🎯 ### [#](https://wiki.teamssix.com/CloudSecurityResources/#%E4%BA%91%E6%9C%8D%E5%8A%A1%E9%9D%B6%E5%9C%BA)云服务靶场 * 在线收费的包含云安全实验的靶场 Attack Defense [地址(opens new window)](https://attackdefense.pentesteracademy.com/listing?labtype=cloud-services&subtype=cloud-services-amazon-s3) * 在线免费的 AWS 渗透测试靶场 Free AWS Security Labs [地址 (opens new window)](https://pentesting.cloud/)`由「cr」师傅补充,感谢支持` * AWS 靶场部署工具 cloudgoat [地址 (opens new window)](https://github.com/RhinoSecurityLabs/cloudgoat) * 在线多云渗透靶场 pwnedlabs [地址 (opens new window)](https://pwnedlabs.io/)`由「RBPi」师傅补充,感谢支持` * AWS 靶场 AWSGoat [地址 (opens new window)](https://github.com/ine-labs/AWSGoat) * Azure 靶场 AzureGoat [地址 (opens new window)](https://github.com/ine-labs/AzureGoat) `由「Kfzz1」师傅补充,感谢支持` * 多云靶场搭建工具 TerraformGoat [地址 (opens new window)](https://github.com/HuoCorp/TerraformGoat) * AWS IAM 靶场 IAM Vulnerable [地址 (opens new window)](https://github.com/BishopFox/iam-vulnerable) * GCP 靶场部署工具 GCPGoat [地址 (opens new window)](https://github.com/ine-labs/GCPGoat) `由「Kfzz1」师傅补充,感谢支持` ### [#](https://wiki.teamssix.com/CloudSecurityResources/#%E4%BA%91%E5%8E%9F%E7%94%9F%E9%9D%B6%E5%9C%BA)云原生靶场 * WIZ K8s 靶场 WIZ K8S LAN Party [地址 (opens new window)](https://www.k8slanparty.com/)`由「feng」师傅补充,感谢支持` * k8s 靶场部署工具 Kubernetes Goat [地址 (opens new window)](https://github.com/madhuakula/kubernetes-goat) `由「UzJu」师傅补充,感谢支持` * CI/CD 靶场部署工具 [地址 (opens new window)](https://github.com/cider-security-research/cicd-goat) `由「Kfzz1」师傅补充,感谢支持` * 云原生靶场部署工具 metarget [地址 (opens new window)](https://github.com/Metarget/metarget) ## [#](https://wiki.teamssix.com/CloudSecurityResources/#%E8%B4%A1%E7%8C%AE%E8%80%85)
xiaodi
2026年4月30日 16:18
0 条评论
转发
收藏文档
上一篇
下一篇
手机扫码
复制链接
手机扫一扫转发分享
复制链接
分享
链接
类型
密码
更新密码
有效期
Markdown文件
Word文件
PDF文档
PDF文档(打印)