Deployed e85b48b with MkDocs version: 1.6.1

404.html

@@ -1,4 +1,4 @@
-<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Prevent Kali Linux, ParrotOS, and Pentoo Linux from throwing GuardDuty alerts by modifying the User Agent string when using the AWS CLI."><link href=https://hackingthe.cloud/aws/avoiding-detection/guardduty-pentest/ rel=canonical><link href=../../exploitation/Misconfigured_Resource-Based_Policies/misconfigured_iam_role_trust_policy_wildcard_principal/ rel=prev><link href=../guardduty-tor-client/ rel=next><link rel=alternate type=application/rss+xml title="RSS feed" href=../../../feed_rss_created.xml><link rel=alternate type=application/rss+xml title="RSS feed of updated content" href=../../../feed_rss_updated.xml><link rel=icon href=../../../assets/favicon.png><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.5.44+insiders-4.53.14"><title>Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud</title><link rel=stylesheet href=../../../assets/stylesheets/main.12320a83.min.css><link rel=stylesheet href=../../../assets/stylesheets/palette.ab4e12ef.min.css><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../../../stylesheets/extra.css><script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script><meta property=og:type content=website><meta property=og:title content="Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud"><meta property=og:description content="Prevent Kali Linux, ParrotOS, and Pentoo Linux from throwing GuardDuty alerts by modifying the User Agent string when using the AWS CLI."><meta property=og:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-pentest.png><meta property=og:image:type content=image/png><meta property=og:image:width content=1200><meta property=og:image:height content=630><meta content=https://hackingthe.cloud/aws/avoiding-detection/guardduty-pentest/ property=og:url><meta property=twitter:card content=summary_large_image><meta property=twitter:title content="Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud"><meta property=twitter:description content="Prevent Kali Linux, ParrotOS, and Pentoo Linux from throwing GuardDuty alerts by modifying the User Agent string when using the AWS CLI."><meta property=twitter:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-pentest.png> <link href="../../../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
+<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Prevent Kali Linux, ParrotOS, and Pentoo Linux from throwing GuardDuty alerts by modifying the User Agent string when using the AWS CLI."><link href=https://hackingthe.cloud/aws/avoiding-detection/guardduty-pentest/ rel=canonical><link href=../../exploitation/Misconfigured_Resource-Based_Policies/misconfigured_iam_role_trust_policy_wildcard_principal/ rel=prev><link href=../guardduty-tor-client/ rel=next><link rel=alternate type=application/rss+xml title="RSS feed" href=../../../feed_rss_created.xml><link rel=alternate type=application/rss+xml title="RSS feed of updated content" href=../../../feed_rss_updated.xml><link rel=icon href=../../../assets/favicon.png><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.5.45+insiders-4.53.14"><title>Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud</title><link rel=stylesheet href=../../../assets/stylesheets/main.12320a83.min.css><link rel=stylesheet href=../../../assets/stylesheets/palette.ab4e12ef.min.css><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../../../stylesheets/extra.css><script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script><meta property=og:type content=website><meta property=og:title content="Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud"><meta property=og:description content="Prevent Kali Linux, ParrotOS, and Pentoo Linux from throwing GuardDuty alerts by modifying the User Agent string when using the AWS CLI."><meta property=og:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-pentest.png><meta property=og:image:type content=image/png><meta property=og:image:width content=1200><meta property=og:image:height content=630><meta content=https://hackingthe.cloud/aws/avoiding-detection/guardduty-pentest/ property=og:url><meta property=twitter:card content=summary_large_image><meta property=twitter:title content="Bypass GuardDuty Pentest Findings for the AWS CLI - Hacking The Cloud"><meta property=twitter:description content="Prevent Kali Linux, ParrotOS, and Pentoo Linux from throwing GuardDuty alerts by modifying the User Agent string when using the AWS CLI."><meta property=twitter:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-pentest.png> <link href="../../../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
     html.glightbox-open { overflow: initial; height: 100%; }
     .gslide-title { margin-top: 0px; user-select: text; }
     .gslide-desc { color: #666; user-select: text; }

aws/avoiding-detection/guardduty-pentest/index.html

@@ -1,4 +1,4 @@
-<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Connect to the Tor network from an EC2 instance without alerting GuardDuty."><link href=https://hackingthe.cloud/aws/avoiding-detection/guardduty-tor-client/ rel=canonical><link href=../guardduty-pentest/ rel=prev><link href=../modify-guardduty-config/ rel=next><link rel=alternate type=application/rss+xml title="RSS feed" href=../../../feed_rss_created.xml><link rel=alternate type=application/rss+xml title="RSS feed of updated content" href=../../../feed_rss_updated.xml><link rel=icon href=../../../assets/favicon.png><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.5.44+insiders-4.53.14"><title>Bypass GuardDuty Tor Client Findings - Hacking The Cloud</title><link rel=stylesheet href=../../../assets/stylesheets/main.12320a83.min.css><link rel=stylesheet href=../../../assets/stylesheets/palette.ab4e12ef.min.css><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../../../stylesheets/extra.css><script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script><meta property=og:type content=website><meta property=og:title content="Bypass GuardDuty Tor Client Findings - Hacking The Cloud"><meta property=og:description content="Connect to the Tor network from an EC2 instance without alerting GuardDuty."><meta property=og:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-tor-client.png><meta property=og:image:type content=image/png><meta property=og:image:width content=1200><meta property=og:image:height content=630><meta content=https://hackingthe.cloud/aws/avoiding-detection/guardduty-tor-client/ property=og:url><meta property=twitter:card content=summary_large_image><meta property=twitter:title content="Bypass GuardDuty Tor Client Findings - Hacking The Cloud"><meta property=twitter:description content="Connect to the Tor network from an EC2 instance without alerting GuardDuty."><meta property=twitter:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-tor-client.png> <link href="../../../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
+<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Connect to the Tor network from an EC2 instance without alerting GuardDuty."><link href=https://hackingthe.cloud/aws/avoiding-detection/guardduty-tor-client/ rel=canonical><link href=../guardduty-pentest/ rel=prev><link href=../modify-guardduty-config/ rel=next><link rel=alternate type=application/rss+xml title="RSS feed" href=../../../feed_rss_created.xml><link rel=alternate type=application/rss+xml title="RSS feed of updated content" href=../../../feed_rss_updated.xml><link rel=icon href=../../../assets/favicon.png><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.5.45+insiders-4.53.14"><title>Bypass GuardDuty Tor Client Findings - Hacking The Cloud</title><link rel=stylesheet href=../../../assets/stylesheets/main.12320a83.min.css><link rel=stylesheet href=../../../assets/stylesheets/palette.ab4e12ef.min.css><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../../../stylesheets/extra.css><script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script><meta property=og:type content=website><meta property=og:title content="Bypass GuardDuty Tor Client Findings - Hacking The Cloud"><meta property=og:description content="Connect to the Tor network from an EC2 instance without alerting GuardDuty."><meta property=og:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-tor-client.png><meta property=og:image:type content=image/png><meta property=og:image:width content=1200><meta property=og:image:height content=630><meta content=https://hackingthe.cloud/aws/avoiding-detection/guardduty-tor-client/ property=og:url><meta property=twitter:card content=summary_large_image><meta property=twitter:title content="Bypass GuardDuty Tor Client Findings - Hacking The Cloud"><meta property=twitter:description content="Connect to the Tor network from an EC2 instance without alerting GuardDuty."><meta property=twitter:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/guardduty-tor-client.png> <link href="../../../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
     html.glightbox-open { overflow: initial; height: 100%; }
     .gslide-title { margin-top: 0px; user-select: text; }
     .gslide-desc { color: #666; user-select: text; }

aws/avoiding-detection/guardduty-tor-client/index.html

@@ -1,4 +1,4 @@
-<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Modify existing GuardDuty configurations in the target account to hinder alerting and remediation capabilities."><link href=https://hackingthe.cloud/aws/avoiding-detection/modify-guardduty-config/ rel=canonical><link href=../guardduty-tor-client/ rel=prev><link href=../steal-keys-undetected/ rel=next><link rel=alternate type=application/rss+xml title="RSS feed" href=../../../feed_rss_created.xml><link rel=alternate type=application/rss+xml title="RSS feed of updated content" href=../../../feed_rss_updated.xml><link rel=icon href=../../../assets/favicon.png><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.5.44+insiders-4.53.14"><title>Modify GuardDuty Configuration - Hacking The Cloud</title><link rel=stylesheet href=../../../assets/stylesheets/main.12320a83.min.css><link rel=stylesheet href=../../../assets/stylesheets/palette.ab4e12ef.min.css><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../../../stylesheets/extra.css><script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script><meta property=og:type content=website><meta property=og:title content="Modify GuardDuty Configuration - Hacking The Cloud"><meta property=og:description content="Modify existing GuardDuty configurations in the target account to hinder alerting and remediation capabilities."><meta property=og:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/modify-guardduty-config.png><meta property=og:image:type content=image/png><meta property=og:image:width content=1200><meta property=og:image:height content=630><meta content=https://hackingthe.cloud/aws/avoiding-detection/modify-guardduty-config/ property=og:url><meta property=twitter:card content=summary_large_image><meta property=twitter:title content="Modify GuardDuty Configuration - Hacking The Cloud"><meta property=twitter:description content="Modify existing GuardDuty configurations in the target account to hinder alerting and remediation capabilities."><meta property=twitter:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/modify-guardduty-config.png> <link href="../../../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
+<!doctype html><html lang=en class=no-js> <head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><meta name=description content="Modify existing GuardDuty configurations in the target account to hinder alerting and remediation capabilities."><link href=https://hackingthe.cloud/aws/avoiding-detection/modify-guardduty-config/ rel=canonical><link href=../guardduty-tor-client/ rel=prev><link href=../steal-keys-undetected/ rel=next><link rel=alternate type=application/rss+xml title="RSS feed" href=../../../feed_rss_created.xml><link rel=alternate type=application/rss+xml title="RSS feed of updated content" href=../../../feed_rss_updated.xml><link rel=icon href=../../../assets/favicon.png><meta name=generator content="mkdocs-1.6.1, mkdocs-material-9.5.45+insiders-4.53.14"><title>Modify GuardDuty Configuration - Hacking The Cloud</title><link rel=stylesheet href=../../../assets/stylesheets/main.12320a83.min.css><link rel=stylesheet href=../../../assets/stylesheets/palette.ab4e12ef.min.css><link rel=preconnect href=https://fonts.gstatic.com crossorigin><link rel=stylesheet href="https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback"><style>:root{--md-text-font:"Roboto";--md-code-font:"Roboto Mono"}</style><link rel=stylesheet href=../../../stylesheets/extra.css><script>__md_scope=new URL("../../..",location),__md_hash=e=>[...e].reduce(((e,_)=>(e<<5)-e+_.charCodeAt(0)),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script><meta property=og:type content=website><meta property=og:title content="Modify GuardDuty Configuration - Hacking The Cloud"><meta property=og:description content="Modify existing GuardDuty configurations in the target account to hinder alerting and remediation capabilities."><meta property=og:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/modify-guardduty-config.png><meta property=og:image:type content=image/png><meta property=og:image:width content=1200><meta property=og:image:height content=630><meta content=https://hackingthe.cloud/aws/avoiding-detection/modify-guardduty-config/ property=og:url><meta property=twitter:card content=summary_large_image><meta property=twitter:title content="Modify GuardDuty Configuration - Hacking The Cloud"><meta property=twitter:description content="Modify existing GuardDuty configurations in the target account to hinder alerting and remediation capabilities."><meta property=twitter:image content=https://hackingthe.cloud/assets/images/social/aws/avoiding-detection/modify-guardduty-config.png> <link href="../../../assets/stylesheets/glightbox.min.css" rel="stylesheet"/><style>
     html.glightbox-open { overflow: initial; height: 100%; }
     .gslide-title { margin-top: 0px; user-select: text; }
     .gslide-desc { color: #666; user-select: text; }