tag:blogger.com,1999:blog-5890567984672491244.post4883092951267939929..comments2024-03-25T09:26:23.575-04:00Comments on SethSec: Pentest Home Lab - 0x1 - Building Your AD Lab on AWSSeth Arthttp://www.blogger.com/profile/05253599496757968918noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-5890567984672491244.post-86802104475398184812017-06-19T09:16:01.513-04:002017-06-19T09:16:01.513-04:00@Anonymous - Yes. With AWS, the path of least resi...@Anonymous - Yes. With AWS, the path of least resistance (not having to notify AWS) is to attack from a Kali instance within your AWS VPC. From what I have observed, you can do what you want inside your VPC without issue. You need to notify AWS if you are going to attack your instances from something outside your VPC though, like your home network. For this, there is a penetration testing request form. You also need to notify AWS if you are going to attack anything from your instances that is outside your VPC. For this, AWS calls this "simulated events", and if you need that one, reach out to me via email -- I can send you the email address. Hope that helps. Seth Arthttps://www.blogger.com/profile/05253599496757968918noreply@blogger.comtag:blogger.com,1999:blog-5890567984672491244.post-8858025210942659262017-06-16T11:14:29.275-04:002017-06-16T11:14:29.275-04:00Awesome post Seth. I did have a question that was...Awesome post Seth. I did have a question that wasn't covered in your write-up. Are you attacking from AWS Kali machine? If so did you have to request permission through AWS to conduct any testing on the instances you are using?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-5890567984672491244.post-29460661497760979702017-05-11T15:00:54.777-04:002017-05-11T15:00:54.777-04:00EBS Snapshots are half the price of the General Pu...EBS Snapshots are half the price of the General Purpose EBS.<br /> https://aws.amazon.com/ebs/pricing/Jimmynoreply@blogger.comtag:blogger.com,1999:blog-5890567984672491244.post-527253849558912162017-05-11T11:37:18.358-04:002017-05-11T11:37:18.358-04:00Thanks for the comment Jimmy. Good luck and let m...Thanks for the comment Jimmy. Good luck and let me know if there is anything i should add to this post for others. <br /><br />At some point in the future I'm going to investigate exactly how much you can save by taking snapshots and storing them on s3, in the event you know you are not using the lab for a few months. It still costs money, but less money for sure. <br /><br />Another option I want to investigate would be to use some of the automation functionality within AWS to completely build a lab without any interaction. Then you can just terminate and rebuild a few months later when you need it again. Seth Arthttps://www.blogger.com/profile/05253599496757968918noreply@blogger.comtag:blogger.com,1999:blog-5890567984672491244.post-16807866313708701042017-05-11T10:51:03.556-04:002017-05-11T10:51:03.556-04:00This is exactly what I was looking for! I was abou...This is exactly what I was looking for! I was about to set up an on premise lab, but using AWS will be so much easier! After this, I may still set up on premise so I can expand.Jimmynoreply@blogger.comtag:blogger.com,1999:blog-5890567984672491244.post-91254053410530655512017-05-10T12:22:46.963-04:002017-05-10T12:22:46.963-04:00Thanks Jarvis. Once I finish up that post, I can ...Thanks Jarvis. Once I finish up that post, I can finally get to the good stuff. All the cool things you can test once you have your own AD playground!Seth Arthttps://www.blogger.com/profile/05253599496757968918noreply@blogger.comtag:blogger.com,1999:blog-5890567984672491244.post-8197563630376156622017-05-10T10:13:46.054-04:002017-05-10T10:13:46.054-04:00Awesome post Seth! Thanks a lot!
Looking forward t...Awesome post Seth! Thanks a lot!<br />Looking forward to read your next post: Pentest Home Lab - 0x2 - Building Your AD Lab on Premises.<br /><br />CheersJarvishttp://comma.ainoreply@blogger.com