Technically, a penetration test on the cloud computing environment does not differ that much from any other penetration test, even an on-premise equivalent.

“I have hashed the passwords and stored them in the database, there will be no way an adversary can reverse the hashes”. All too often I have heard this coming out of application developers and infrastructure team. This is true to a certain extent, if the password was complex enough.

DNS Hijacking, also known as DNS redirection, is a form of hacking that overrides a computer’s TCP/IP settings to point to a rogue DNS server, consequently invalidating the default DNS setting. What this means: if you registered your domain name to be www.mydomain.com, a malicious attacker could hijack the domain to point to another DNS server. If this happens, the