Refactor

Sneak71 · Jul 18, 2022 · e55fd30 · e55fd30
1 parent b02698f
commit e55fd30
Show file tree

Hide file tree

Showing 12 changed files with 363 additions and 34 deletions.
diff --git a/LICENSE b/LICENSE
diff --git a/README.md b/README.md
@@ -1,13 +1,20 @@
-# AWS GOAT
+# AWSGoat : A Damn Vulnerable AWS Infrastructure
 
-![1](images/awsgoatlogo.png)
+![1](https://user-images.githubusercontent.com/65826354/179526664-cb123612-7f9a-41fe-bab2-eb6b3b2518d7.png)
 
 Compromising an organization's cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web applications, is all an attacker needs to compromise the entire infrastructure. Since the cloud is relatively new, many developers are not fully aware of the threatscape and they end up deploying a vulnerable cloud infrastructure.
 
 AWSGoat is a vulnerable by design infrastructure on AWS featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. AWSGoat mimics real-world infrastructure but with added vulnerabilities. It features multiple escalation paths and is focused on a black-box approach.
 
 The project will be divided into modules and each module will be a separate web application, powered by varied tech stacks and development practices. It will leverage IaC through terraform and GitHub actions to ease the deployment process.
 
+**Presented at**
+
+- [OWASP Singapore Chapter](https://owasp.org/www-chapter-singapore/)
+- [BlackHat USA 2022](https://www.blackhat.com/us-22/arsenal/schedule/index.html#awsgoat--a-damn-vulnerable-aws-infrastructure-27999)
+- [DC 30: Demo Labs](https://forum.defcon.org/node/242059)
+
+
 ## Built With
 
 * AWS
@@ -51,15 +58,15 @@ AWS_ACCOUNT_ID
 AWS_SECRET_ACCESS_KEY
 ```
 
-![2](images/2.png)
+![2](https://user-images.githubusercontent.com/65826354/179526772-16e84787-3ac9-4fd2-b57c-0c794dad5e4f.png)
 
 **Step 3.** From the repository actions tab, run the ``Terraform Apply`` Workflow.
 
-![3](images/3.png)
+![3](https://user-images.githubusercontent.com/65826354/179526776-f03918c2-d944-4480-a098-f9483156b570.png)
 
 **Step 4.** Find the application URL in the Terraform output section.
 
-![4](images/4.png)
+![4](https://user-images.githubusercontent.com/65826354/179526780-b01d5c3f-9968-45e9-b698-a9b1905b32b9.png)
 
 
 ### Manual Installation
@@ -90,7 +97,7 @@ The first module features a serverless blog application utilizing AWS Lambda, S3
 
 Overview of escalation paths for module-1
 
-![10](images/10.png)
+![10](https://user-images.githubusercontent.com/65826354/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6.png)
 
 
 **Recommended Browser:** Google Chrome
@@ -112,29 +119,29 @@ Shantanu Kale, Cloud Developer, INE  <[email protected]>
 
 # Solutions
 
-Solutions for all vulnerabilities in the application will be released shortly.
+Module 1 Exploitation Videos: https://youtube.com/playlist?list=PLcIpBb4raSZEMosUmY8KpxPWtjKRMSmNx
 
 # Screenshots
 
 Blog Application HomePage
 
-![5](images/5.png)
+![5](https://user-images.githubusercontent.com/65826354/179526784-2a1d7023-5c6f-4cfb-97b7-74b572b12829.png)
 
 Blog Application Login Portal
 
-![6](images/6.png)
+![6](https://user-images.githubusercontent.com/65826354/179526792-2dad1a3b-f871-4128-a82b-9d1ba3b334f5.png)
 
 Blog Application Register Page
 
-![7](images/7.png)
+![7](https://user-images.githubusercontent.com/65826354/179526796-fa4fa422-ffb5-4ff4-a2eb-1468e9c81fd6.png)
 
 Blog Application Logged in Dashboard
 
-![8](images/8.png)
+![8](https://user-images.githubusercontent.com/65826354/179526801-6eb85d63-b7df-4fac-98f6-8afb834d2f49.png)
 
 Blog Application User Profile
 
-![9](images/9.png)
+![9](https://user-images.githubusercontent.com/65826354/179526804-78f87773-965d-4eee-a5bf-fb1c1d448234.png)
 
 ## Contribution Guidelines
 
@@ -144,4 +151,8 @@ Blog Application User Profile
 
 # License
 
-This program is free software: you can redistribute it and/or modify it under the terms of the MIT License.
+This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License v2 as published by the Free Software Foundation.
+
+This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.
diff --git a/images/10.png b/images/10.png
diff --git a/images/2.png b/images/2.png
diff --git a/images/3.png b/images/3.png
diff --git a/images/4.png b/images/4.png
diff --git a/images/5.png b/images/5.png
diff --git a/images/6.png b/images/6.png
diff --git a/images/7.png b/images/7.png
diff --git a/images/8.png b/images/8.png
diff --git a/images/9.png b/images/9.png
diff --git a/images/awsgoatlogo.png b/images/awsgoatlogo.png