Skip to content
/ isolated_network_experiment Public

CDK app to setup an isolated AWS network to experiment with ways of exfiltrating data

18 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

SummitRoute/isolated_network_experiment

BranchesTags

Repository files navigation

This CDK app deploys an isolated network on AWS that does not have restrictive policies for limiting exfil. It does not have flaws that would let an attacker in, but it is not configured in a hardened way that would prevent an attacker with access to the EC2 from exfil'ing data out, so read the associated blog post to be aware of the problems this has. Blog post here: https://summitroute.com/blog/2020/03/31/isolated_networks_on_aws/

This creates an EC2 nad VPC endpoints for SSM so that Session Manager can be used to access the EC2. It also creates VPC endpoints for SQS and S3 and creates a queue and bucket.

Network layout

Usage

Prerequisites

  • Have the CDK installed

Deployment

git clone https://github.com/SummitRoute/isolated_network_experiment.git
cd isolated_network_experiment
npm install
# Then, while in an AWS session, such as through aws-vault
cdk deploy

Uninstalling

cdk destroy

About

CDK app to setup an isolated AWS network to experiment with ways of exfiltrating data

Resources

Readme
Activity
Custom properties

Stars

18 stars

Watchers

4 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages