Attackers are everywhere. They are now on the cloud too! Attacking the most popular cloud provider – AWS, requires the knowledge of how different services are setup, what defences do we need to bypass, what service attributes can be abused, where can information be leaked, how do I escalate privileges, what about monitoring solutions that may be present in the environment and so on! We try to answer these questions in our intense, hands-on scenario driven training on attacking and subsequently defending against the attacks on AWS.
As an attacker or defender, if you have ever asked any of the following questions, this training is for you:
- Is there a process to attacking the cloud or do we go after the services as and when they are discovered?
- Is SSRF the only vulnerability to access the metadata service on EC2?
- How do I use stolen AWS secret keys to attack further?
- How do I hide cover my tracks in AWS environment?
- If I can’t see a service due to security group, can I still attack it?
- How do I create better wordlists to discover and exploit S3 buckets that have uncommon names?
- Can I impersonate other users within AWS?
- Is there a way to extract secrets from AWS Lambda?
- How do I prevent credential compromise in AWS?
- How can I be sure there is no attacker already within my cloud infrastructure?
- How do I enumerate and move between accounts that are part of AWS organisations?