AWS External Scanner with New VPC


Overview

This page explains how to use Prancer to build a PAC config that runs a pentest against a target web application on AWS with an external scanner. It covers creating the PAC config, having Prancer create a new VPC for the scanner, running the pentest and viewing the results. The YAML below shows how the PAC config is structured.

  • AWS External Scanner

AWS lets the client create resources such as a task definition, ECS cluster, security group, EC2 instances, S3 buckets, VPC and ELB. Here Prancer creates its own VPC with a subnet that is reachable from the internet (a route to an internet gateway), runs the scanner as a Fargate task inside that VPC, and pentests the target machine from there.

Prancer Pentesting for web application

The PAC config tells Prancer which AWS resources to create, including the new VPC, and which target machine to pentest.

Create the PAC config with the following steps. (Note: on the scanner selection page choose New Pentest, then External; for a new VPC choose the Create new VPC option.)

The complete PAC file looks like this:

Collection: aws
ConnectionName: aws_connector
CloudType: aws
ApplicatioName: external_safe_001
RiskLevel: safe
Compliance:
- CIS
- HIPAA
ApplicationType: WebScan
Schedule: onetime
Target: <<your target endpoint>>
RescourceID: <<Some Resource ID>>
Scanner:
  Cloud:
    Platform:
      AWS:
        AfterRun: delete
        NewFargate:
          External:
            AccountId: "<<account Id>>"
            Region: us-west-2
            TaskDefinition: pentest-task
            ClusterName: pentest-cluster
            SecurityGroup: pentest-security-group
            ContainerName: prancer-scanner
            SubnetId:                                        # leave empty: Prancer creates the subnet
            VpcCidr: <<VPC Cidr eg. 10.0.0.0/16>>
            VpcId: ""                                        # leave empty: Prancer creates the VPC
            SubnetCidr: <<Subnet CIDR eg. 10.0.0.0/24>>      # must lie inside VpcCidr
            IGCidr: <<Internet gateway CIDR eg. 0.0.0.0/0>>  # default route to the internet gateway
AuthenticationMethod: noAuthentication
AddOns:
- accessControl
- ascanrulesBeta
- sqliplugin
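Before submitting a PAC file it is worth checking the network fields, because a subnet that does not fit inside the VPC block, an account ID that lost its quotes, or a wrong IGCidr only fails once AWS resource creation has started. The script below is an added pre-flight check written for this page; it is not part of Prancer. It mirrors the PAC fields shown above as a Python dict (a constructed sample with placeholder values), applies the AWS address-range rules (VPC and subnet blocks between /16 and /28, RFC 1918 space) and the new-VPC convention used here (empty VpcId and SubnetId mean "create"), and assumes that reusing an existing VPC would require both VpcId and SubnetId. The helper `with_external` is also an assumption of this example, added for what-if checks.

```python
"""Pre-flight checks for the AWS External scanner / new-VPC section of a
Prancer PAC config.  Added example, not Prancer code: it covers only the
fields shown on this page plus the AWS CIDR rules (/16 to /28, RFC 1918)."""
import copy
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample mirroring the page's PAC file (placeholder values).
SAMPLE_PAC = {
    "Target": "https://example.com",
    "Scanner": {"Cloud": {"Platform": {"AWS": {
        "AfterRun": "delete",
        "NewFargate": {"External": {
            "AccountId": "123456789012",
            "Region": "us-west-2",
            "TaskDefinition": "pentest-task",
            "ClusterName": "pentest-cluster",
            "SecurityGroup": "pentest-security-group",
            "ContainerName": "prancer-scanner",
            "SubnetId": None,          # empty: Prancer creates the subnet
            "VpcCidr": "10.0.0.0/16",
            "VpcId": "",               # empty: Prancer creates the VPC
            "SubnetCidr": "10.0.0.0/24",
            "IGCidr": "0.0.0.0/0",
        }},
    }}}},
}

PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
REGION_RE = re.compile(r"^[a-z]{2}(-gov)?-[a-z]+-\d$")


def _network(value, field, errors):
    """Parse a CIDR strictly (host bits set is an error) and apply AWS limits."""
    try:
        net = ipaddress.ip_network(str(value), strict=True)
    except ValueError as exc:
        errors.append(f"{field}: {exc}")
        return None
    if not 16 <= net.prefixlen <= 28:
        errors.append(f"{field}: AWS requires a /16 to /28 block, got /{net.prefixlen}")
    return net


def validate_pac(pac):
    """Return a list of problems; an empty list means the config passes."""
    errors = []
    ext = pac["Scanner"]["Cloud"]["Platform"]["AWS"]["NewFargate"]["External"]

    if not re.fullmatch(r"\d{12}", str(ext.get("AccountId", ""))):
        errors.append("AccountId must be the 12-digit account number, quoted")
    if not REGION_RE.match(str(ext.get("Region", ""))):
        errors.append("Region does not look like an AWS region name")

    url = urlsplit(str(pac.get("Target", "")))
    if url.scheme not in ("http", "https") or not url.hostname:
        errors.append("Target must be an http(s) URL with a hostname")

    # New-VPC mode (this page): VpcId and SubnetId empty, CIDRs drive creation.
    if not ext.get("VpcId") and not ext.get("SubnetId"):
        vpc = _network(ext.get("VpcCidr"), "VpcCidr", errors)
        sub = _network(ext.get("SubnetCidr"), "SubnetCidr", errors)
        if vpc and not any(vpc.subnet_of(p) for p in PRIVATE):
            errors.append("VpcCidr should be RFC 1918 space")
        if vpc and sub and not sub.subnet_of(vpc):
            errors.append(f"SubnetCidr {sub} is not inside VpcCidr {vpc}")
        if str(ext.get("IGCidr")) != "0.0.0.0/0":
            errors.append("IGCidr must be 0.0.0.0/0 (default route to the internet gateway)")
    elif not (ext.get("VpcId") and ext.get("SubnetId")):
        # Assumption of this example: reusing a VPC needs both identifiers.
        errors.append("an existing VPC needs both VpcId and SubnetId")
    return errors


def with_external(pac, **overrides):
    """Deep-copy pac and override fields under ...NewFargate.External."""
    new = copy.deepcopy(pac)
    new["Scanner"]["Cloud"]["Platform"]["AWS"]["NewFargate"]["External"].update(overrides)
    return new


if __name__ == "__main__":
    for problem in validate_pac(SAMPLE_PAC) or ["PAC network section looks fine"]:
        print(problem)
```

Run it against a copy of your own PAC values before clicking Start; every string it reports maps to one of the fields in the YAML above.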

Run the Pentest:

  • Click the Start button to run the pentest.

../img/pac/attacks/CVE_run_pentest.png

  • Once the pentest has completed, view the results by clicking the See Latest Results link.

../img/pac/attacks/CVE_see_results.png

  • This opens the Application Security Findings page.

../img/pac/attacks/CVE_pentest_result.png