add cdk

Author: redteamrecipe

docs/attacks/application.md

@@ -1804,6 +1804,57 @@ requests:
 ```
 
 
+## API
+
+### Category: Broken Access Control
+
+Inadequate enforcement of access controls, allowing unauthorized users to access sensitive resources or perform unauthorized actions.
+Example of attacks: Accessing restricted data or functionality, privilege escalation, horizontal/vertical privilege escalation.
+
+### Category: Excessive Data Exposure
+
+APIs exposing more data than necessary, potentially leaking sensitive information.
+Example of attacks: Exposure of personally identifiable information (PII), financial data, or sensitive business data through API responses.
+
+### Category: Broken Authentication
+
+Flaws in authentication mechanisms that can lead to unauthorized access or account takeover.
+Example of attacks: Credential stuffing, session fixation, brute-forcing authentication tokens or passwords.
+
+### Category: Injection Attacks
+
+Lack of proper input validation and sanitization, enabling attackers to inject malicious code or exploit vulnerabilities.
+Example of attacks: SQL injection, OS command injection, XML/XXE injection, NoSQL injection.
+
+### Category: Improper Error Handling
+
+APIs revealing excessive or sensitive error details, which can aid attackers in exploiting vulnerabilities.
+Example of attacks: Information disclosure, error-based enumeration, bypassing security controls using error messages.
+
+### Category: Security Misconfiguration
+
+Poorly configured API settings, default credentials, or inadequate security configurations.
+Example of attacks: Unauthorized access to API endpoints, access to sensitive configuration data, exploitation of default credentials.
+
+### Category: Insecure Direct Object References
+
+Improper access control mechanisms that allow attackers to directly reference internal objects or resources.
+Example of attacks: Accessing other users' data, tampering with internal object references, bypassing authorization checks.
+
+### Category: Insufficient Logging and Monitoring
+
+Lack of proper logging and monitoring, hindering the detection and response to security incidents.
+Example of attacks: Unauthorized access attempts, API abuse, suspicious activity going unnoticed due to insufficient logging.
+
+### Category: Insecure Serverless Deployments
+
+Security weaknesses in serverless architectures, including issues with configuration, event handling, and access controls.
+Example of attacks: Unauthorized execution of serverless functions, sensitive data exposure through serverless configurations.
+
+### Category: Denial of Service (DoS)
+
+Vulnerabilities that can be exploited to overload or disrupt the availability of API services.
+Example of attacks: Sending excessive requests, resource exhaustion, API rate limiting bypass, flooding API endpoints.
 
 
 ### Ref

docs/attacks/cloud.md

@@ -2179,3 +2179,114 @@ for email in service_account_emails:
 ```
 
 
+
+## AWS cross-account enumeration
+
+```
+weirdAAL.py cross_account_enum
+```
+
+## Privilege escalation through EC2 metadata   
+
+```
+weirdAAL.py ec2_metadata
+```
+
+## Enumeration of AWS Systems Manager parameters   
+
+```
+weirdAAL.py ssm_enum
+```
+
+## Enumeration of EC2 instances with public IP addresses   
+
+```
+weirdAAL.py public_ec2_enum
+```
+
+## Stealing EC2 instance metadata  
+
+```
+weirdAAL.py steal_metadata
+```
+
+## Privilege escalation by attaching an EC2 instance profile   
+
+```
+weirdAAL.py attach_instance_profile
+```
+
+## Enumeration of Elastic Beanstalk environments with public access    
+
+```
+weirdAAL.py public_eb_enum
+```
+
+## Privilege escalation through hijacking AWS CLI sessions 
+
+```
+weirdAAL.py hijack_cli
+```
+
+## Enumeration of ECR repositories with public access  
+
+```
+weirdAAL.py public_ecr_enum
+```
+
+## Privilege escalation through hijacking AWS SDK sessions 
+
+```
+weirdAAL.py hijack_sdk
+```
+
+## Enumeration of ECS clusters and services    
+
+```
+weirdAAL.py ecs_enum
+```
+
+## Privilege escalation through assumed role sessions 
+
+```
+weirdAAL.py assume_role
+```
+
+## Enumeration of AWS Glue Data Catalog databases 
+
+```
+weirdAAL.py glue_enum
+```
+
+## Privilege escalation through EC2 instance takeover  
+
+```
+weirdAAL.py ec2_takeover
+```
+
+## Enumeration of open S3 buckets and their contents   
+
+```
+weirdAAL.py s3_enum --list-objects
+```
+
+## Privilege escalation through RDS database credentials   
+
+weirdAAL.py rds_priv_esc
+
+## Enumeration of EKS clusters and associated resources    
+
+```
+weirdAAL.py eks_enum
+```
+
+## Privilege escalation through KMS key policy modifications   
+
+```
+weirdAAL.py kms_priv_esc
+```
+
+
+
+
+

docs/attacks/pipeline.md

@@ -565,3 +565,57 @@ stages:
 
 In the compliant code, each step in the pipeline has an associated security configuration that specifies the necessary roles or permissions required to execute that step. This ensures that only authorized individuals or entities can perform specific actions in the pipeline.
 
+
+
+
+
+## Insecure Configurations
+
+Inadequate or insecure configuration settings within CI/CD tools and platforms.
+Example of attacks: Unauthorized access to build pipelines, exposure of sensitive credentials, misconfigured access controls.
+
+## Vulnerability Management
+
+Inadequate or ineffective management of vulnerabilities in CI/CD processes and artifacts.
+Example of attacks: Exploitation of known vulnerabilities in application dependencies, outdated software components.
+
+## Inadequate Secrets Management
+
+Poor handling of sensitive information such as API keys, passwords, and certificates.
+Example of attacks: Disclosure of secrets through repository leaks, unauthorized access to production environments.
+
+## Insecure Third-Party Integrations
+
+Integration of untrusted or vulnerable third-party services or libraries in CI/CD workflows.
+Example of attacks: Supply chain attacks, malicious code injection through compromised dependencies.
+
+## Weak Access Controls
+
+Insufficient controls and monitoring of access to CI/CD pipelines, repositories, and build systems.
+Example of attacks: Unauthorized modification of build artifacts, privilege escalation, unauthorized access to sensitive data.
+
+## Insider Threats
+
+Risks posed by authorized individuals with malicious intent or accidental actions.
+Example of attacks: Unauthorized modification of CI/CD configurations, sabotage of build pipelines, data exfiltration.
+
+## Lack of Build Integrity
+
+Failure to ensure the integrity and authenticity of build artifacts throughout the CI/CD process.
+Example of attacks: Injection of malicious code or backdoors into build artifacts, tampering with deployment packages.
+
+## Inadequate Testing
+
+Insufficient or ineffective testing of CI/CD pipelines, leading to undetected vulnerabilities.
+Example of attacks: Exploitation of untested code paths, introduction of vulnerable code during the build process.
+
+## Insufficient Monitoring and Logging
+
+Lack of real-time monitoring and comprehensive logging for CI/CD activities and events.
+Example of attacks: Difficulty in identifying and responding to security incidents, delayed detection of unauthorized activities.
+
+## Lack of Compliance and Governance
+
+Failure to adhere to security policies, industry regulations, and compliance requirements in CI/CD workflows.
+Example of attacks: Non-compliance with data protection standards, regulatory fines, legal implications.
+

docs/mlsecops/modelrobustnessandadversarialattacks.md

@@ -587,6 +587,12 @@ jobs:
 This example demonstrates how to request a deployment review from the security team before deploying the application. The cml-pr action is used to create a pull request with a specific title, body, and assignee. This allows the security team to review and approve the deployment before it is executed.
 
 
+## Automate Machine Learning Lifecycle
+
+https://github.com/microsoft/nni
+
+
+
 ## Resources
 
 * https://github.com/devopscube/how-to-mlops