AWS - Security Hub Enum


Security Hub

Security Hub collects security data from across AWS accounts, services, and supported third-party partner products, and helps you analyze your security trends and identify the highest-priority security issues.

It centralizes security-related alerts across accounts and provides a UI for viewing them. The biggest limitation is that it does not centralize alerts across regions, only across accounts.

Features

  • Regional (findings don't cross regions)

  • Multi-account support

  • Findings from:

    • GuardDuty

    • Config

    • Inspector

    • Macie

    • third party

    • self-generated against CIS standards

Enumeration

# Get basic info
aws securityhub describe-hub

# Get securityhub org config
aws securityhub describe-organization-configuration #If the current account isn't the security hub admin, you will get an error

# Get the configured admin for securityhub
aws securityhub get-administrator-account
aws securityhub get-master-account # Another way
aws securityhub list-organization-admin-accounts # Another way

# Get enabled standards
aws securityhub get-enabled-standards

# Get the findings
aws securityhub get-findings

# Get insights
aws securityhub get-insights

# Get Automation rules (must be from the admin account)
aws securityhub list-automation-rules

# Get members (must be from the admin account)
aws securityhub list-members
aws securityhub get-members --account-ids <acc-id>
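
Because findings stay in the region that produced them, a review of Security Hub has to repeat the checks above for each region. The following is an added example, not part of the original page: a shell script that wraps `describe-hub` and `get-enabled-standards` to flag regions where the hub is unreachable or has no standards enabled. The function names and the output format are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: per-region Security Hub coverage check.
# Regions are passed as arguments; which regions to check is up to the operator.

# Print "enabled" when describe-hub succeeds in the region, otherwise
# "not-enabled-or-denied" (the call fails both when the hub is off and
# when the caller lacks permission to describe it).
hub_status() {
  if aws securityhub describe-hub --region "$1" >/dev/null 2>&1; then
    echo "enabled"
  else
    echo "not-enabled-or-denied"
  fi
}

# Print the number of enabled standards subscriptions in the region (0 on error).
standards_count() {
  local n
  n=$(aws securityhub get-enabled-standards --region "$1" \
        --query 'length(StandardsSubscriptions)' --output text 2>/dev/null) || n=0
  echo "${n:-0}"
}

# Print one line per region: REGION STATUS STANDARDS.
# Returns 1 if any region is a gap: hub not reachable, or hub on with
# zero standards enabled.
audit_regions() {
  local region status count gaps=0
  for region in "$@"; do
    status=$(hub_status "$region")
    count=0
    if [ "$status" = "enabled" ]; then
      count=$(standards_count "$region")
    fi
    printf '%s %s %s\n' "$region" "$status" "$count"
    if [ "$status" != "enabled" ] || [ "$count" -eq 0 ]; then
      gaps=$((gaps + 1))
    fi
  done
  [ "$gaps" -eq 0 ]
}

# Run only when regions are given, e.g.: ./hub_coverage.sh us-east-1 eu-west-1
if [ "$#" -gt 0 ]; then
  audit_regions "$@"
fi
```

A non-zero exit status means at least one of the listed regions needs attention.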

Bypass Detection

TODO, PRs are accepted
