From build and migration to management and innovation, the pressure to secure cloud infrastructure is felt by all organisations. To do so effectively, you’ve got to understand the architecture of cloud attacks inside out – by using the tools and techniques yourself.
This course enables you to do just that. Get into the attacker mindset for 3 days and deploy over 25 fresh and novel attacks via our state-of-the-art labs. The training is delivered by professional penetration testers, well-versed in cloud hacking from their years of experience in the wild. At the end of the course, you’ll be able to confidently and competently identify weaknesses in cloud deployment. And by also covering cloud detection and response, you’ll be defence-ready, with the knowledge to fix those weaknesses and monitor your cloud environment for attacks. This course will be delivered in-person.
The course Syllabus is as follows:
Introduction to cloud computing
Enumeration of cloud environments
AWS Section Starts:
GCP Section Starts:
Attacking Storage Services (AWS, Azure, GCP):
Containers as a service and K8s exploitation:
Top 3 Takeaways
In this two-day course, students will develop an attackers mindset to attack the cloud environment after gaining the initial foothold. * Students will learn to attack and exploit a variety of Cloud infrastructure. They will play the part of the hacker, compromising serverless apps, cloud machines, storage and database services, dormant assets and resources. * Students will learn privilege escalation and pivoting techniques specific to cloud environments. * Students will learn how to breakout from the containers and escalate the privileges to get access to the host system.
The free 30-day lab access provides attendee surplus time to learn advanced topics in their own time and at their own pace.
Who Should Take This Course:
And anyone who wants to take their skills to the next level! Prior pentest experience is not a strict requirement; however, some knowledge of Cloud Services and familiarity with common command line syntax will be greatly beneficial.
What Students Should Bring:
Students must bring their own laptop with: * Admin/root access * A virtualisation software (VirtualBox) pre-installed * 8 GB RAM and 20 GB free disk space dedicated (for Linux virtual image) * Minimum of 8 GB on the host system to support virtual image (preferable) </br> Note: Macbooks with M1 chips are not supported due to virtualization issues.
What Students Will Be Provided With:
Numerous scripts and tools (some public and some NotSoPublic) will also be provided during the training, along with the student handouts. Our courses also come with detailed answer sheets. That is a step-by-step walkthrough of how every exercise within the class needs to be solved. These answer sheets are also provided to students at the end of the class.