intro to cloud hacking (leaky buckets)
Ғылым және технология
Want to learn more? Make IT (and hacking) your job by learning skills from ITPro: ntck.co/itprotv (30% off FOREVER) *affiliate link
In this video, you'll learn how to hack the cloud, specifically Amazon S3. We'll cover what S3 buckets are, security basics, how to set up a bucket, how to set up AWS CLI, and how to use AWS Bucket Dump. We'll also explore some common flaws in S3 buckets and how to exploit them, using examples from flaws.cloud. To get started, all you need is a Linux machine (Ubuntu or Kali Linux), and a free AWS account if you want to try some of the more advanced steps.
Keep in mind that the techniques demonstrated in this video should only be used ethically and with explicit permission. We'll also provide resources for further learning, including the ITPro by ACI Learning Intro to AWS Pentesting course.
If you're interested in learning more about cloud security and ethical hacking, this video is for you. Don't forget to hit subscribe and turn on notifications for more videos like this!
Resources mentioned in the video:
-ITPro by ACI Learning (use code "networkchuck" for 30% off forever): itpro.tv
-Flaws.cloud: flaws.cloud
-AWS CLI: docs.aws.amazon.com/cli/lates...
-Grayhatwarefare: buckets.grayhatwarfare.com/
-AWS Bucket Dump: github.com/jordanpotti/AWSBuc...
-Worst S3 Hacks: businessinsights.bitdefender....
🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy
**Sponsored by ITPro from ACI learning
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: ntck.co/Premium
☕☕ COFFEE and MERCH: ntck.co/coffee
Check out my new channel: ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: / discord
STUDY WITH ME on Twitch: bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: bit.ly/3rzZjzz
-Get your CCNA: bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: / networkchuck
Twitter: / networkchuck
Facebook: / networkchuck
Join the Discord server: bit.ly/nc-discord
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: geni.us/L6wyIUj
Amazon Affiliate Store: www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: geni.us/aBeqAL
Do you want to know how I draw on the screen?? Go to ntck.co/EpicPen and use code NetworkChuck to get 20% off!!
fast and reliable unifi in the cloud: hostifi.com/?via=chuck
#aws #s3 #kalilinux
Пікірлер: 303
Want to learn more? Make IT (and hacking) your job by learning skills from ITPro: ntck.co/itprotv (30% off FOREVER) *affiliate link 🔥🔥Join the NetworkChuck Academy!: ntck.co/NCAcademy **Sponsored by ITPro from ACI learning
@ferdinandw.8952
11 ай бұрын
🄵🄸🅁🅂🅃
@GeiPeeruPuutin
11 ай бұрын
25 seconds ago huh
@6Pain
11 ай бұрын
Do a playlist about cloud services your awesome ❤
@ahmedaribi8572
11 ай бұрын
Hey Network Chuck!! I wish you can make a video to help me make a wifi adapter using a Pi Pico! You know, I can't buy a Wifi Adapter and Pi Pico is so helpful. Thanks in advance! I am a big fan and I can't wait for answer!!
@ReligionAndMaterialismDebunked
11 ай бұрын
Early crew 🤓😅😅🔥💚💚💚💚💚💚💚💚💪🏻🤑😌🤝🥳🥳🥰😈👿🐀.
As a cloud penetration tester, I can say with confidence that this is the best tutorial I have seen on intro cloud hacking.
@NenaDarkPrincess
4 ай бұрын
Hey! How did you end up becoming a cloud penetration tester? Would be curious to know :)
This is epic. Network Chuck never makes a bad video. Keep up the good work.
@smith3463
11 ай бұрын
Yes i agree mr roblox chad face
@ReligionAndMaterialismDebunked
11 ай бұрын
:3 Early crew 🤓😅😅🔥💚💚💚💚💚💚💚💚💪🏻🤑😌🤝🥳🥳🥰😈👿🐀.
@ReligionAndMaterialismDebunked
11 ай бұрын
Your comment is epic because it has no grammatical errors, unlike the a average comment. It's also the top comment. 😅🥇🤝
@ReligionAndMaterialismDebunked
11 ай бұрын
:3 Yesh, I've seen Daniel explain Burp Suite on David Bombal's KZread channel before. He's a great teacher! :3
@ExpiredCoupons
11 ай бұрын
Yes, always agree with a fellow Roblox chad face
*Metaspyclub* is a patriot for telling what he sees on a cheater’s text.
you really do inspire and change the world. Positivity is contagious
Hey *Metaspyclub* what an amazing work this has been and with all the crazy detection that you guys make possible. You guys take hacking to a whole new level and get the job done ASAP!!! I'm wondering what are all your personal qualifications?I don't think that it was ever mentioned before.
Hi Chuck, glad to see you're doing well and back to making videos!!! I've been in the industry for quite a few years and stuff like this is sometimes what I need to get excited about tech again and work on my skills. The retrieving of the access key from a past commit was totally cool. I enjoy your enthusiasm and thank you for taking the time to make these videos. Have a good rest of your day! 🙂
This is the first hacking video I had fun watching & actually understood everything. Tysm!
just found your video, thank you for sharing your knowledge.. I like your videos very much !!! learning a lot from them.
Thanks so much for making great hacking videos!
The invisible stairs trick is a classic, keep up the good work...😅
Hey Chuck. Just wanted to reach out. Love your Channel. I'm also in Cyber Security. Been for a while, and I find your channel to be very intriguing. Thank you for all these amazing videos. And yes, let's have some coffee! :)
Fire video as always!
absolutely brilliant !!!! mate
FIRST, Hey network chuck! I have watched your videos for a little while and want to thank you for helping me with all these AMAZING tutorials
I have learned so much from you and Daniel!
Thanks Chuck!
I literally typed out that url, worth it.
Epic ❤
You’re a ninja bro
Great content, as always!
とても有益な情報なので 日本人ですが、チャンネル登録させて頂きました。
There is no doubt that you will rise fast at the apex of your career MetaspyClub . Because you are a very intelligent, smart, hard worker and your work ethic par excellence. Keep going People like you take the IM out of IMpossible by becoming PRO at tackling PROblems. You Rock!.
Hi love your content ❤
I love learning hacking from a non hacker! Thanks for teaching me how to be an unethical hacker! 😈
Nice Chuck :D
Amazing Chuck
Shhhhhhhhhhhh! Bruh. Seriously best video ever.
This is good content like in a good old days,you are the best
Hey Chuck 😊
cool video
Good staff
🔥🔥
Really useful and informative demo - thanks so much !!! Learned more about AWS but for me.....the possible flaws 😘
Lol I watched the whole ad because I wanted to see how you made coffee 😅
Hlo you are best hacker of this world
Dont open random files from foreign buckets like you did in the end! Some of those buckets are designed to be public!
@ReligionAndMaterialismDebunked
11 ай бұрын
:3 Early crew 🤓😅😅🔥💚💚💚💚💚💚💚💚💪🏻🤑😌🤝🥳🥳🥰😈👿🐀.
@ReligionAndMaterialismDebunked
11 ай бұрын
Don't*
@ReligionAndMaterialismDebunked
11 ай бұрын
:D Yesh, I've seen Daniel explain Burp Suite on David Bombal's KZread channel before. He's a great teacher! :3
@quinnherden
11 ай бұрын
@user-re9wu1rm7uwhat service did you purchase?
Please make a video about how to use AWS...
Love ur videos
Subs of mine and I are trying to track down a bucket that we know is public access, but we only have the cloudfront domain forwarder. The game connected to that bucket shutdown in 2017, but for some reason the bucket contents and cdn are active
This was so cool, thanks 👍🏻
Just amazing
how to hide the consumption of a giga that we use at the fiber optic provider
Please make a video of kali tool TBomb please
I'm not through this video yet, but many thanks as always, your enthusiasm always have me excited to learn.
can you please make a video about manual sql injection from url?
@emilne83
11 ай бұрын
SQL injection is not a complex attack. You just need to understand how sql syntax is interpreted. There is a really good xkcd comic that explains it very well. Just google "xkcd explained bobby tables" for a good wiki describing it. To protect against it, thr application should "escape" any special characters before using them in SQL statements. This way things like quotes will be treated as part of the text in the variable rather than something that is to be interpreted by the database engine and thus being prone to exploitation.
love you best teacher ever 🥰
I love your content, still dreaming of episode about relational databases :3
Can u suggest any reading material ,books regarding hacking ,os and cybersecurity
I’m getting into cyber security wanted to ask if getting a mac is a good option ?
love that kind of content! thanks chunk
Can I get a
Love you sir
can you tell what AWS CLI i should install if i run a kali vm on a macbook air m1?
Your content is fire, we need more and moore
So in summary, everything is fine if it is not public, also you can use pre-signed url
I love chuck
Can you please clear my doubt that if i useyour link for itprotv, i will get 30% off on subscriptions payment whether monthly or annually?
Cheers NetworkMates❤
You read my search history
hey bro my kali linux tool Osintgram error for private api error please fix 🤣🤣🤣🤣
❤❤❤❤
your content is like a PowerPoint presentation
❤❤
yo finally
Big fan of India
print("Chuck, I watched all python videos on youtube, and yes I know that there are more, but they are paid, so I was wondering when you will post next video because the last one was 4 months ago. Please we need more python!!!")
I live for this shit man I just love watching your amazing content everyday & learning something new from it thank you!!
Can you help me fix problem on kali Linux I launched airodump-ng and it not show anything help me out😢
When sherry said the part about knowing you are in a relationship with a narcissist and being gaslit, when you start wanting to audio record conversations🤢 That literally made me feel sick. So many times I found myself wanting to do that so I can prove what I am saying is real and the truth but of course then there’s the fear of their reaction when you show them…I’ll be such a horrible person for having/needing to do that. It won’t even matter that WE proved we were right or they were “mistaken” or “forgot/confused” because they will not address the content of the recording and instead berate you for having the audacity to do that and how doing it makes us a horrible person or they’ll pull the “I’m sorry I’m sooOooOoo horrible, why are you even with me” “if you have to do that then we should just be done” they say anything other than taking accountability. The shitty part is some people would use that as a perfect opportunity to get out but sadly even though you are aware, it’s hard to leave. So them threatening scares you into submission, thanks *METASPYCLUB* for the phone evidences, I know I am not a horrible person for doing this but I just needed to know the truth
Yesh, I've seen Daniel explain Burp Suite on David Bombal's KZread channel before. He's a great teacher! :3
@NetworkChuck what are your thoughts on pegasus sp*ware
Every time I am looking for something I need help with for my exams, I first search to see if network chuck made a video on it 😆
WE NEED A SETUP TOUR
Can you bless us with a pegasus video
😮😮
Did you change the Tumbnail?
8 seconds ago? wow
Your videos are so great that even I make videos like you do! Cool video by the way...........
hey netwerk chuk vraag je kan voor router steken mail scant virussen spam tegenhouden peis veel mensen spam beu zijn soort Latta panden tussen router data controleert dan mail binen krijg door router eigenlijke soort virus scanner router beschermt, zou jij zoo iks kunne uit vinden jij bedrijven en mensen zouden handigen zijn
Bro please do create own app video
How do I download nslookup command cuz I don’t have it
surprised you don't weigh your coffee while pouring. as a coffee geek (as well as an IT hack) I need to weigh the water going into my coffee.
hola
Always nice to see your work in this channel! I learn a lot from your videos! But i have a quesion, can we see some termux and android vulnerability in the future? I realy intrested what we can do with termux and how we can interact with other phones useing terminal. Like can we ssh in any phone or something like that? Sory about my english 😅
Hey Chuck glad you’re back mate. I want to know what you think about the future of hacking? And applying AI into defense systems and drones. I’ve been following your channel for quite some time now and want to know what’s your take on this ? Hope to hear from you.
would you make about hacking someone's phones and his file on it?
can you please make a video about ELB AWS also? plsssssssssssss plsssssssssssssssssss pleasssssssssssssssssssssseeee
To check logs in a git repo, the recommended way is the use `git log` or `git log --oneline` instead of digging into the `.git` folder.. that could lead to errors if you don't know what you're doing
24:36 - why python virtual env? because you can create multiple environments where you could install different versions of a package. For example, if you install a python app that requires specific version of the Request module, you need to install that version in your system, but now the version you installed is not compatible with other apps in your system. To solve the problem, you can create multiple virtual environments where you can install different versions of packages based on the requirements of the app.
Hey bro my Kali Linux tool osintgram error private api please fix my problem. 😂😂😂😂😂
They will find reference pictures, comics, and drawings. I love to draw
How to close LAN router fast Ethernet ports?
Hi chuck, can you make a video about csrf because i couldnt make it work. Ur my fav yt tysm for the tutorials.
Could you do a video on books you'd recommend reading. General books that can correlate to IT, but overall beneficial recommendations?!
Can we hack youtube algo?
i'm n1
Using Kali and python
Hi😊
Link Hacking slot situs Indonesia??