# AWS Attacks and Techniques - [Data Poisoning - Bedrock Knowledge Base](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/data-poisoning-bedrock-knowledge-base.md): How to poison Amazon Bedrock Knowledge Base - [Enumerate AWS Organization ID](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/enumerate-aws-organization-id.md): How to enumerate the AWS Organization ID - [Enumerate AWS Account IDs](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/enumerate-aws-account-ids.md): To maintain security, AWS Account IDs should be handled carefully, even though they are not deemed confidential. While they are not secrets, they can lead to exposure of sensitive resources or data. - [Enumerate AWS IAM Users](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/enumerate-aws-iam-users.md): Exposure of AWS IAM Usernames can further aid attackers efforts to access an AWS account. Exposure leaves users vulnerable to attacks such as phishing and password-spraying. - [Enumerate (Unauthenticated) IAM Users and Roles](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/enumerate-unauthenticated-iam-users-and-roles.md): Exploiting an AWS feature of the IAM Role Trust Policy allowing for unauthenticated enumeration of AWS IAM Users and Roles in AWS Accounts. - [Enumerate AWS Public Resources](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/enumerate-aws-public-resources.md): Public resources like EBS and RDS snapshots or SSM Documents can lead to data and credential leaks. - [Enumerate Secrets in AWS](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/enumerate-secrets-in-aws.md): Tips and tricks for discovering secrets in AWS - [Generate AWS Console Session](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/generate-aws-console-session.md): Get access to the AWS console with AWS access keys - [Generate IAM Access Keys from CloudShell](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/generate-iam-access-keys-from-cloudshell.md): Using an undocumented endpoint, we can leverage CloudShell from the AWS Console and create AWS Access Keys for the logged on user. - [Password Spraying AWS IAM Users](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/password-spraying-aws-iam-users.md): Performing password spray attacks against AWS console users can lead to successful credentials validation and, in turn, access to the AWS user and AWS account. - [Server Side Request Forgery (SSRF)](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/server-side-request-forgery-ssrf.md): Server Side Request Forgery attacks can lead to the compromising of AWS EC2 IAM Roles - [Subdomain Takeovers](https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques/subdomain-takeovers.md): Compromise a subdomain by taking over resources no longer existing --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.techwithtyler.dev/cloud-security/aws/aws-offensive-security/aws-attacks-and-techniques.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.