Kali Linux AMI for Pentesting

I have created an AMI with Kali in the past (when there wasn’t an AMI available in the AWS Marketplace), but it’s much easier to do nowadays and you have several options available; please see my notes below as well as the answer to your question about penetration testing.

Option One: Use the Kali Linux AMI from Offensive Security in the AWS Marketplace. Please see here: https://aws.amazon.com/marketplace/pp/B01M26MMTT

Option Two: Create an Ubuntu EC2 instance and install Kali using “apt-get install kali-linux-full”, the complete set of instructions can be found here: https://www.alienvault.com/blogs/security-essentials/configuring-kali-linux-on-amazon-aws-cloud-for-free

Option Three: Build your own AMI using a bootstrap script (I wouldn’t recommend this option). You can find details regarding this on the Internet.

Penetration Testing AWS Resources

The answer to your other question is “yes”, AWS does require express authorization before performing any type of penetration test or vulnerability assessment scanning of any cloud based assets (regardless of whether you own them or not). AWS refers to this as “Simulated Event Testing” and you can find the form that you need to complete along with additional information here: https://aws.amazon.com/security/penetration-testing/

PERFORM THE FOLLOWING STEPS IF YOU CAN’T RUN “apt-get install Kali-linux-full” FROM ABOVE:

root@ubuntu-vm:~# cp /etc/apt/sources.list /etc/apt/sources.list.bak

Now, append the following to the bottom of your “/etc/apt/sources.list” file:

deb http://http.kali.org/kali kali-rolling main contrib non-free

deb http://http.kali.org/kali sana main non-free contrib

deb http://security.kali.org/kali-security sana/updates main contrib non-free

deb http://old.kali.org/kali moto main non-free contrib

[email protected]:~# apt-get update && apt-cache search kali-linux

[email protected]:~# apt-get -y install kali-linux-full