Cloud Penetration Testing

1. Account Manipulation.
2. Create Account.
3. Implant Container Image.
4. Office Application Startup.
5. Valid Accounts.

1. Impair Defences.
2. Modify Cloud Compute Infrastructure.
3. Unused/Unsupported Cloud Regions.
4. Use Alternate Authentication Material.
5. Valid Accounts.

1. Account Discovery.
2. Cloud Service Dashboard.
3. Cloud Service Discovery.
4. Network Service Scanning.
5. Network Share Discovery.
6. Permission Groups Discovery.
7. Remote System Discovery.
8. Software Discovery.
9. System Information Discovery.
10. System Network Connections Discovery.

1. Data from Cloud Storage Object.
2. Data from Information Repositories.
3. Data Staged.
4. Email Collection.

1. Defacement.
2. Endpoint Denial of Service.
3. Network Denial of Service.
4. Resource Hijacking.