Tuesday, April 14, 2020

Serverless Prey - Serverless Functions For Establishing Reverse Shells To Lambda, Azure Functions, And Google Cloud Functions


Serverless Prey is a collection of serverless functions (FaaS), that, once launched to a cloud environment and invoked, establish a TCP reverse shell, enabling the user to introspect the underlying container:
  • Panther: AWS Lambda written in Node.js
  • Cougar: Azure Function written in C#
  • Cheetah: Google Cloud Function written in Go
This repository also contains research performed using these functions, including documentation on where secrets are stored, how to extract sensitive data, and identify monitoring / incident response data points.

Disclaimer
Serverless Prey functions are intended for research purposes only and should not be deployed to production accounts. By their nature, they provide shell access to your runtime environment, which can be abused by a malicious actor to exfiltrate sensitive data or gain unauthorized access to related cloud services.

Contributors
Eric Johnson - Principal Security Engineer, Puma Security
Brandon Evans - Senior Application Security Engineer, Asurion

Learning More






via KitPloit
This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

Related word


  1. Tools 4 Hack
  2. Hacker Tools Apk Download
  3. Hack App
  4. Hack Tools For Ubuntu
  5. Hacking Tools 2020
  6. Hacker
  7. Hacking Tools Free Download
  8. Hacker Tools
  9. Hack Tools
  10. Hacker Tools Free Download
  11. Kik Hack Tools
  12. Hacking Tools 2020
  13. Hacker Tools Free
  14. Easy Hack Tools
  15. Pentest Tools Download
  16. Hack Tools
  17. What Is Hacking Tools
  18. Hacker Tools 2019
  19. Hacker Tools For Windows
  20. Physical Pentest Tools
Posted by wear your heart out at 7:51 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)