Cloud provider for Penetration Testing

Question

I wish to set up a Kali Linux box on a cloud provider in order to perform same day penetration tests.

The issue I am having is finding a cloud provider such as AWS, Azure etc. for this.

For AWS they require an application to be filled for each penetration test which can take up to 2 days for a reply (which may be to ask more questions), and as far as I can see Azure and Google Cloud only provide guidance on incoming penetration testing rather than the box supplied by them being the origin of the traffic.

When searching for an answer to this I similarly only seem to come up with answers for incoming rather than outgoing traffic.

Are there any good cloud providers for penetration testers which don't require lengthy approvals per test? A one time application with a few days wait would be fine, but having to apply for each test would get in the way of performing same day testing.

Maybe you could just set up a bootable USB Stick with kali on it. So you dont need a cloud provider. — Cyberduck, Aug 21 '18 at 13:49
Short answer: No. Longer answer: all cloud provider need to protect their own ground. Besides the legality issue, all cloud players have some process to detect abnormal network traffics. Pentest activities are abnormal enough to trigger tons of alert and cause the provider to shut you down. — mootmoot, Aug 21 '18 at 15:05
Is there any special reason of using a box in the cloud instead of your own "service equipment" like any other security service provider? Just curious. — Azteca, Aug 22 '18 at 19:09

score 3 · Accepted Answer · answered Aug 21 '18 at 14:05

3

I have been sent an article by Azure Security Program Manager saying that Azure can be used for outgoing penetration testing with a few stipulations, mainly focused around ensuring that the outgoing tests don't affect other Azure users, e.g. outgoing DDoS slowing down the network.

https://blogs.msdn.microsoft.com/azuresecurity/2016/08/29/pen-testing-from-azure-virtual-machines/

answered Aug 21 '18 at 14:05

K92

81
7

1

Well, that kinda answers your question, doesn't it? I'd still collect all the info you have on your use cases and get in touch with Azure directly. They know what they allow users to do. (Also since the link to the Penetration testing overview page is dead...) – SeeYouInDisneyland Aug 21 '18 at 14:21
1

This sounds good, one thing that might be worth checking if you do use Azure, is whether they filter any types of outbound traffic. If you're trying to do something like 65K port scans or something more esoteric like SCTP scanning, you may find that traffic gets blocked :) – Rory McCune Aug 23 '18 at 07:57

score 2 · Answer 2 · answered Aug 21 '18 at 14:40

Azure is fine with Pen Tests as long as their infrastructure is not unlawfully used to access or disrupt other systems on Azure (or without) which you cannot prove that you have the authorization to modify or access. Expect to provide a detailed specification of the kind of tests you wish to conduct including times when you wish to carry them out.

score 1 · Answer 3 · answered Aug 22 '18 at 19:23

A while ago I read a blog about setting up a VPS with a meterpreter listener on Digital Ocean, I think they're really open into that (Rule 2, Specially 3 and 12). The only problem is that they don't support Kali boxes... but as AlwaysLearner stated, you can do the same pentesting with Ubuntu (or even Debian for that matter).

bashCypher · Answer 4 · 2018-08-21T17:47:42.247

If you google "remote server rental" you find many sites with less restrictive rules. Server hosting that is offshore often have very loose rules for the usage of the device. You'll just have to search pricing and the different rules/SLA agreements.

I guess this doesn't technically qualify as "cloud" in the sense of it's a VPC virtualized on shared infrastructure... but it does answer the question of "how do I pentest remotely on a shared service?"

score -5 · Answer 5 · answered Aug 21 '18 at 13:22

-5

If you want to do penetration testing you do not need kali linux. Just get an ubuntu box and install penetration testing apps on it. It works fine.

If you want to hack other people and you want to tell google that you want to do this, its trivial that they will prevent you from doing so. Just dont tell them and do your work.

I might suggest you buy from a provider which is far from your home country. For example if you are in the US buy from hetzner (Germany) or France datacenters.
I also recommend you try to look into WAREZ vps hosting companies. Although this one may not be available to you.

answered Aug 21 '18 at 13:22

AlwaysLearner

499
4
6

5

This is for legitimate penetration tests that clients will be paying for, not hacking unwilling targets. So regardless of whether or not it's Kali the worry would still be the outgoing traffic getting flagged as malicious and blocked which would mean I can't do my job. – K92 Aug 21 '18 at 13:26
If by client you mean you are selling this as a service , then you can not be sure that people will not use it to do malicious stuff. So you have to take risks. I recommend you buy from a broad country so that you dont get into trap of rules if anything goes wrong. – AlwaysLearner Aug 21 '18 at 13:31
2

@AlwaysLearner I'm afraid that you have misunderstood the entire scenario. The OP is not setting up Kali so that anyone can use it. The OP is setting up Kali on a hosted service and from there, the OP wants to conduct penetration testing activities. Cloud service providers might detect the unusual traffic and block it, which would prevent the OP from offering this service. – schroeder Aug 21 '18 at 18:57

Cloud provider for Penetration Testing

5 Answers5