Amazon Web Services (AWS) is de facto the most popular cloud service. Due to the prevelence of AWS, there is a need for security testers to learn how to effectively attack and test their AWS cloud infrastructure. In this training, we will take an attacker's approach to AWS security where you'll get to create your attack arsenal that is AWS specific, get a distilled deep dive into AWS services and concepts that are essential for performing a security assessment/audit of AWS based infrastructure.
The training is meant to be a hands-on with guided walkthroughs, scenario based attacks, coverage of tools that can be used for attacking and auditing. Due to the attack, focused nature of the training, we will not spend a lot of time on defence aspects such as security architecture, defence in depth etc. While mitigations will touched upon, we will nnly point out to the relevant AWS/third-party documentation for further self-study.
We expect the trainees to bring their own AWS account for the training
..more
Prerequisites
What you should know?
- Familiarity with AWS console
- Ideally you should have started VMs in AWS, configured S3 buckets and have an idea of IAM
- Familiarity with Security Testing basics and tools like nmap, Burp Suite
- Comfortable using command line tools to login to servers, install packages, executing scripts and applications
- Basics of HTTP, JavaScript
- Basics of Networking concepts enough to understand Cloud Architecture
What you should bring?
- Laptop with a modern OS like Windows 10 / OSX / Linux
- SSH client installed on the host OS
- Ability to connect to the wireless network
- Own AWS account which has been activated for payments
Who should attend
- Pentesters and Security Testers
- Security Professionals
- Cloud / IT Professionals
- DevSecOps Professionals
What to expect
- Completely hands-on
- Fast paced training
- While we will be using free-tier AWS services as much as possible, you can expect some minimal account charges
What not to expect
- Dev(Sec)Ops concepts
- How to build cloud infrastructure
- A lot of theory
Course Content
AWS essentials (Mostly hands-on)
- A quick primer to AWS services we'll be covering
- Intro to AWS terminology that we need to know
- Working with AWS CLI
- Deep dive into IAM
Attacking Cloud compute
- Attacking applications and services running on an EC2 instance
- Leveraging application vulnerabilties to gain foot hold into cloud infra (SSRF/RCE etc)
- Leveraging application vulnerabilities to gain access to Instance metadata (IMDSv1 & IMDSv2)
- Bypassing filters to exploit SSRF and access Instance metadata (Encountered in real assessments)
- Post Exploitation
- Privilege Escalation using SSM
- Pivoting, lateral and vertical movement in the AWS environment
- Attacking Serverless applications hosted on AWS Lambda / ECS
Attacking Cloud storage
- Deep dive into AWS S3 misconfigurations
- Exploiting AWS storage beyond S3
- Discovering and pillaging EBS
Attacking IAM
- Deep dive into understanding and attacking various IAM mis-configurations
- Privilege Escalation using IAM mis-configurations
Other AWS Services
- Amazon Cognito mis-configurations
Recon and OSINT against cloud targets
- OSINT techniques to enumerate AWS infra
- Techniques to identify misconfigured buckets
- Tools for discovering, stealing AWS keys
- Techniques to find subdomain takeovers due to S3 at scale
Auditing AWS Environments
- Setting up audit environment
- Tools to perform effective AWS audits
- ScoutSuite/Cloudspalining/CloudMapper/AirIAM
Capture the flag
We will end the training with a hands-on CTF for all the attendees. The challenges are meant to evaluate key concepts and skills that you would have gained over the course of the training. By repeating them in a challenge format you will be able to self-evaluate how much of the knowledge has been retained and what are the concepts that you need to practice more.
- Hands on challenges for the attendees
- Walkthrough of all challenges
Get Ticket
