AWS CLI

⛅️ AWS Evidence Collection

Are there any Shadow Cloud Accounts? Could be the first place to look when investigating.

AWS Configuration

Default Configurations By default, SSH 22 and RDP 3389 are closed, but these are suggested to be opened when creaing them, warning how dangeroud this is.