
Book Review: Hands-On AWS Penetration Testing with Kali Linux

Alright, book done, time for a book review. I think this one merits a review with recommendations for labbing effectively because, while a great book in many ways, there were some huge points of frustration.

Overall Impression

Biggest takeaway – don’t let the issues scare you away. If you are wanting to improve your AWS pentesting skills, this is a valuable read. There are parts that were more general pentesting than AWS pentesting, but I understand including that info for context and to make the book available for a wider audience. I really liked the parts that focused on the AWS aspects. It’s worth your time, but I think you might be able to work through the book more efficiently than I did. There were some things that weren’t clear, some errata, and other things that you often see in tech books. I hope that my notes can help people work through the labs with less frustration than I had.

Thoughts on order

I feel like the organization of the book was modified at some point, based on the mismatch between where things were in the GitHub repo versus the book chapters. I also think that since some of the later sections went through setting things up in greater detail than earlier sections, that supports an order revision later in the writing process. I totally get it – something of this scope is insanely difficult to get to press and keep things connected. The AWS documentation is strong enough to help you get through missing pieces, but it would have been helpful to have certain things earlier.

The order as presented was reasonable – it was more that a few pieces had more details later in the book, which made it look like it got moved. I would have liked the Pacu chapter at the start of using Pacu. I understand the placement – I just would have preferred the info upfront.

Do you need to do X chapter?

If you want to focus on AWS, you can basically skip sections 1 and 2. Those are really focused on setting up Kali and then using traditional pentesting techniques, just targeting an EC2 instance. You can pick and choose the things that interest you and be ok. You don’t “need” to do all of the chapters if you are wanting to just learn more about specific services. I would recommend doing the IAM and logging portions since those do impact the other services, but you can do the book piecewise if you want.

Do you need to keep X for future chapters?

For the most part, the chapters can stand alone, especially if you have familiarity with AWS. Sections 1 and 2 built on each other a bit, but after that everything should be doable with some minimal additional setup. If you have an AWS lab set up already, you should be able to use a fair amount for this book. Setting up a VPC is something that you will need to do, but it’s not used for everything. The VPC and IAM users/roles are the big things that you need throughout the book. Having a couple S3 buckets available to make public and exploitable as needed is also helpful, but those are so easy to create that making new ones isn’t a big deal. Honestly, it’s all so easy to spin up that the only thing that I would want to keep set up is the Kali instance that had been set up with Guacamole. I didn’t use it for a lot of the later stuff, but you might want to for the pentesting stuff. Since that involved some setup, even just saving it as an AMI that you can create and terminate as needed would be worth it.

Who would benefit from this book?

I feel like this book was a good match for my pentesting skill level. There were a lot of familiar things that were nice to refresh and lots of new things. I think a beginner to pentesting with a decent tech background would be okay, but there would be a fair amount of frustration. For more experienced pentesters who want targeted AWS info, pick and choose what you are looking for. For cloud folks, good info on securing AWS with ideas you can transfer to other platforms. I would not recommend the book for complete beginners (little/no knowledge of networking, security concepts, etc.). But if you’ve got some basic IT experience or are adventurous, go for it.

I noticed a fair amount of frustration from book club members with the initial few chapters. I think it scared some people off from working through the rest of the book because it was taking a lot of time. I know I spent a ton of time trying to get the forensics stuff to work, and when you keep running into roadblocks when you are following the labs, the ROI drops significantly. I’m not sure how much of that the authors could have eliminated given how quickly cloud moves. There are some things that should have been caught (like how forensics work on EXT4…), and I think a little more frustration than I’ve had with labs in other books. But not enough to scare me off from other Packt books or say don’t bother with this particular book.

Costs and how to minimize cost

My costs ran about $10.00 to $15.00 USD each month, and it took me about 6 months to complete. You can definitely work through this more quickly if you are focused. I was doing this on the schedule with book club and had my CASP+ exam in there, plus the whole COVID-19 pandemic thing and work and life. You can reduce costs by terminating your EC2 instances – this and stopping the EC2 instances when you aren’t actively using them are the best ways you can minimize your costs. I used micro instances for most things and boosted my Kali instance up to a medium or large when I needed more power. I also used a CIS image for the Win 2008 R2 server, which had some minimal costs. You can opt for free OS options to further keep costs down.

Realistically, after the initial portion, you don’t have to keep any of the EC2 instances running. You can save your Kali instance as an AMI and pop it up as needed, but I did very little with the created instances after section 2. Without the EC2 instances, the spend would have probably been less than $5.00 USD per month. I also removed the RDS I created once finished because that service can add up. Overall, a very affordable book to work through if you are taking steps to minimize your costs.

Quick list:

  • Total cost was $10.00 – $15.00 USD per month, for a total cost of around $70.00 USD.
  • By terminating the EC2 instances after section 2, cost could have likely been reduced by half.
  • Shut down EC2 instances when not in use.
  • Use the smallest EC2 instance possible and only increase size when needed.

Parting thoughts

Overall, I really enjoyed working through this book. I had a lot of frustrating moments, but I like figuring stuff out. That led to spending more time trying to troubleshoot than I probably should have spent, but I consider that a learning experience. I would have liked the info about whether things would be needed as the book moved along, just to help with cost management. I hope the pieces I’ve put down here and throughout the blogs give enough info for others to learn from my experience and keep their costs down even further.

I would definitely encourage others to blog their notes in at least some format (for anything you are working through). I’m finding it a great way to stay accountable as I work through things. And I know I internalize the information better writing it out for someone else to read. Plus it helps remind you of what you have done and at least point you in the right direction when you can’t remember exactly what you did.

