
A Journey To Scan AWS Public IP Ranges – 1st Part

Welcome Hackers,

The cloud is one of the most popular and efficient ways to shift IT infrastructure from local hosting to a platform you do not manage yourself. This kind of offering comes with responsibilities, and the cloud provider makes them clear upfront, before you or your organization host any kind of application on their infrastructure.

Ever since our team started talking about cloud security (mostly cloud configuration audits, cloud pentesting, etc.), every IT person we met in enterprises as well as SMEs is shifting from on-premise infrastructure to the cloud (mostly AWS, Google, Azure), believing that they are secure because now cloud providers have to take care of the security part.

So let me break it down: AWS says that the infrastructure it provides is definitely secure, but the application is not its responsibility (for further self-study, refer to this link).

So we were clear that the hosted web application, mobile application, APIs, etc. might be vulnerable to something, and that is where we started to take it to the next level to find an entry point.

Now we were wondering how we should gather all the public IPs of AWS to get started, and we found out that AWS itself provides the CIDRs of all publicly hosted server IPs, such as LightSail, EC2, etc.

Please refer to this link to get those CIDRs.

The first thing I needed to do was CIDR-to-IP mapping, and here ProjectDiscovery came to mind, along with its tool called mapcidr.

We started mapping with a simple command: mapcidr -cidr 3.2.34.0/26 -silent
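The CIDR-to-IP expansion step, written out in Python as an added example (not code from the original post or from ProjectDiscovery). It goes one step beyond the post by also doing the reverse lookup: given an address from your own logs, which published range and service it falls under. The SAMPLE data is constructed in the shape of AWS's ip-ranges.json, and the function names and the 4096-address limit are assumptions.

```python
import ipaddress
import json

# Constructed sample shaped like AWS's ip-ranges.json. Only 3.2.34.0/26 comes
# from the post; regions, services and the other ranges are made up.
SAMPLE = json.loads("""{"prefixes": [
  {"ip_prefix": "3.2.34.0/26",     "region": "example-1", "service": "EC2"},
  {"ip_prefix": "3.2.34.0/24",     "region": "example-1", "service": "AMAZON"},
  {"ip_prefix": "198.51.100.0/24", "region": "example-2", "service": "S3"},
  {"ip_prefix": "not-a-cidr",      "region": "example-2", "service": "EC2"}
]}""")

def load_prefixes(data):
    """Parse entries into (network, service, region); skip malformed CIDRs."""
    out = []
    for entry in data.get("prefixes", []):
        try:
            net = ipaddress.ip_network(entry["ip_prefix"], strict=True)
        except (KeyError, ValueError):
            continue  # a bad entry must not abort the whole load
        out.append((net, entry.get("service"), entry.get("region")))
    return out

def expand(cidr, limit=4096):
    """List every address in a CIDR block, refusing blocks above `limit`."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.num_addresses > limit:
        raise ValueError(f"{cidr} has {net.num_addresses} addresses (limit {limit})")
    return [str(ip) for ip in net]  # includes network and broadcast addresses

def attribute(ip, prefixes):
    """Return (cidr, service, region) for each range containing ip, most specific first."""
    addr = ipaddress.ip_address(ip)
    hits = [p for p in prefixes if addr in p[0]]
    hits.sort(key=lambda p: p[0].prefixlen, reverse=True)
    return [(str(net), service, region) for net, service, region in hits]

if __name__ == "__main__":
    ips = expand("3.2.34.0/26")
    print(len(ips), ips[0], ips[-1])
    for hit in attribute("3.2.34.17", load_prefixes(SAMPLE)):
        print(hit)
```

Published ranges overlap (a service-specific prefix usually sits inside a broader one), which is why attribute() returns every match instead of stopping at the first.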

We’ll cover the next part of this journey in a later post. Until then, stay tuned and ping us if anything comes to mind.



© 2016-[year], Certbar Security. All rights reserved.
