Last updated
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
AWS CloudFormation is a service designed to streamline the management of AWS resources. It enables users to focus more on their applications running in AWS by minimizing the time spent on resource management. The core feature of this service is the template—a descriptive model of the desired AWS resources. Once this template is provided, CloudFormation is responsible for the provisioning and configuration of the specified resources. This automation facilitates a more efficient and error-free management of AWS infrastructure.
In the following page you can check how to abuse cloudformation permissions to escalate privileges:
AWS - Cloudformation PrivescCheck for secrets or sensitive information in the template, parameters & output of each CloudFormation
AWS CodeStar is a service for creating, managing, and working with software development projects on AWS. You can quickly develop, build, and deploy applications on AWS with an AWS CodeStar project. An AWS CodeStar project creates and integrates AWS services for your project development toolchain. Depending on your choice of AWS CodeStar project template, that toolchain might include source control, build, deployment, virtual servers or serverless resources, and more. AWS CodeStar also manages the permissions required for project users (called team members).
In the following page you can check how to abuse codestar permissions to escalate privileges:
AWS - Codestar PrivescLearn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
