Merge pull request #230 from searabbitx/master

arte-sp00ky

Author: carlospolop

src/pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.md

@@ -81,6 +81,10 @@ aws rds describe-db-cluster-backtracks --db-cluster-identifier <cluster-name>
 
 ## Cluster snapshots
 aws rds describe-db-cluster-snapshots
+aws rds describe-db-cluster-snapshots --include-public --snapshot-type public
+
+## Restore cluster snapshot as new instance
+aws rds restore-db-instance-from-db-snapshot --db-cluster-identifier <ID> --snapshot-identifier <ID>
 
 # Get DB instances info
 aws rds describe-db-instances #username, url, port, vpc, SG, is public?
@@ -92,6 +96,7 @@ aws rds describe-db-instance-automated-backups
 ## Find snapshots
 aws rds describe-db-snapshots
 aws rds describe-db-snapshots --include-public --snapshot-type public
+
 ## Restore snapshot as new instance
 aws rds restore-db-instance-from-db-snapshot --db-instance-identifier <ID> --db-snapshot-identifier <ID> --availability-zone us-west-2a
 

src/pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum/README.md

@@ -34,6 +34,21 @@ aws rds describe-db-snapshots --snapshot-type public [--region us-west-2]
 ## snapshots from other accounts used by the current account
 ```
 
+## Public RDS Cluster Snapshots
+
+Similarly, you can look for cluster snapshots
+
+```bash
+# Public RDS cluster snapshots
+aws rds describe-db-cluster-snapshots --include-public
+
+## Search by account ID
+aws rds describe-db-cluster-snapshots --include-public --query 'DBClusterSnapshots[?contains(DBClusterSnapshotIdentifier, `284546856933:`) == `true`]'
+
+# From the own account you can check if there is any public cluster snapshot with:
+aws rds describe-db-cluster-snapshots --snapshot-type public [--region us-west-2]
+```
+
 ### Public URL template
 
 ```