sppum/aws-security-workshop


AWS Security Workshop

In this workshop we will deploy a simple ethical hacking application that enables users to explore vulnerabilities. The deployment uses AWS CloudFormation to deploy the Damn Vulnerable Web Application (DVWA).

The application architecture uses Amazon EC2, AWS Auto Scaling and Amazon Relational Database Service (Amazon RDS).

See the diagram below for a description of the core infrastructure.

Prerequisites

AWS Account

In order to complete this workshop you'll need an AWS Account with access to create AWS IAM, S3, EC2, VPC, CloudTrail, and GuardDuty resources. The code and instructions in this workshop assume only one student is using a given AWS account at a time. If you try sharing an account with another student, you may run into naming conflicts for certain resources. You can work around these by appending a unique suffix to the resources that fail to create due to conflicts, but the instructions do not provide details on the changes required to make this work.

Many of the resources you will launch as part of this workshop are eligible for the AWS free tier if your account is less than 12 months old. See the AWS Free Tier page for more details.

Browser

We recommend you use the latest version of Chrome to complete this workshop.

OpenSSL client

During the lab you will generate a self-signed SSL certificate, so you need access to openssl. You can download the tool for Windows, Linux and Mac here.

Application setup

The application can be launched in the following regions by clicking the launch stack icons below.

Stack Launch
US East (N. Virginia) Launch AWS Security Workshop in us-east-1
US East (Ohio) Launch AWS Security Workshop in us-east-2
US West (Oregon) Launch AWS Security Workshop in us-west-2
EU (Frankfurt) Launch AWS Security Workshop in eu-central-1
EU (Ireland) Launch AWS Security Workshop in eu-west-1
Asia Pacific (Tokyo) Launch AWS Security Workshop in ap-northeast-1
Asia Pacific (Sydney) Launch AWS Security Workshop in ap-southeast-2

Record stack parameters

Once the stack has successfully deployed, we need to capture a couple of variables generated during the setup for use in the modules. In the CloudFormation console, click the checkbox for the stack "aws-security-workshop" and in the ribbon below select "Output". Here you will find the URL for the DVWA and the bucket name for S3. Record them both.

DVWA URL
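The same two values can be pulled from a CloudFormation DescribeStacks response instead of being copied from the console. The following is an added example, not code from the workshop repository: the function name, the sample response and its OutputKey names are constructed, and because the page does not give the real output keys the values are classified by shape (an http(s) URL and an S3-style bucket name).

```python
import re
from urllib.parse import urlparse

STACK_NAME = "aws-security-workshop"  # stack name used in the workshop text

# General-purpose S3 bucket names: 3-63 chars of a-z, 0-9, '.', '-',
# starting and ending with a letter or digit.
BUCKET_RE = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")

# Constructed sample shaped like a CloudFormation DescribeStacks response.
# OutputKey names and values are invented; the page does not list them.
SAMPLE_RESPONSE = {"Stacks": [{
    "StackName": "aws-security-workshop",
    "StackStatus": "CREATE_COMPLETE",
    "Outputs": [
        {"OutputKey": "ExampleUrlKey",
         "OutputValue": "http://dvwa-example-123.us-east-1.elb.amazonaws.com"},
        {"OutputKey": "ExampleBucketKey",
         "OutputValue": "aws-security-workshop-example-bucket"},
    ],
}]}

def record_stack_parameters(response, stack_name=STACK_NAME):
    """Return {'dvwa_url': ..., 'bucket': ...} from a DescribeStacks response."""
    stack = next((s for s in response.get("Stacks", [])
                  if s.get("StackName") == stack_name), None)
    if stack is None:
        raise LookupError(f"stack {stack_name!r} not in response")
    status = stack.get("StackStatus")
    if status not in ("CREATE_COMPLETE", "UPDATE_COMPLETE"):
        raise RuntimeError(f"stack not ready, status is {status}")
    urls, buckets = [], []
    for out in stack.get("Outputs", []):
        value = out["OutputValue"]
        parsed = urlparse(value)
        if parsed.scheme in ("http", "https") and parsed.netloc:
            urls.append(value)
        elif BUCKET_RE.match(value):
            buckets.append(value)
    # Classification is by value shape (an assumption), so refuse to guess.
    if len(urls) != 1 or len(buckets) != 1:
        raise ValueError(f"expected one URL and one bucket, got {urls} {buckets}")
    return {"dvwa_url": urls[0], "bucket": buckets[0]}

if __name__ == "__main__":
    # Live use (assumes boto3 and credentials are configured):
    #   boto3.client("cloudformation").describe_stacks(StackName=STACK_NAME)
    print(record_stack_parameters(SAMPLE_RESPONSE))
```

The status check keeps you from recording outputs of a stack that rolled back or is still being created.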

DVWA configuration

Use the DVWA URL obtained above to access the site by entering it into your browser. Once the page loads, click the "Create / Reset database" button at the bottom of the page.

DVWA

Login with:

Username: admin
Password: password

Modules

There are four modules aligned to a common IT security lifecycle model.

  1. Prevention
  2. Detection
  3. Response
  4. Analysis
