YoVDO

Poking Holes in the Cloud: Auditing AWS Security - 2018

Offered By: LASCON via YouTube

Tags

Cloud Security Courses Penetration Testing Courses AWS Security Courses Kubernetes Security Courses

Course Description

Overview

Explore tools and techniques for conducting penetration tests against AWS-hosted systems and applications in this 55-minute conference talk from LASCON 2018. Dive into pentesting methodology, covering phases such as reconnaissance and exploitation. Learn about DNS recon tools, AWS buckets, and various recon techniques. Discover exploits for billing apps, metadata servers, GraphQL, Kubernetes, and Lambda. Gain insights on Metasploit fingerprinting and walk away with valuable lessons and key takeaways for enhancing cloud security auditing skills.

Syllabus

Intro
About Me
About the Topic
Pentesting
NetSec DevOps
Pentesting Methodology
Phase 1 Reconnaissance
DNS Recon Tools
AWS Buckets
Recon Tools
Proves Check
Phase 3 Exploits
Billing App
Metadata Server
GraphQL
Kubernetes
Lambda Hack
Pakku
Metasploit
fingerprinting
What we learned
What to take away


Taught by

LASCON

Related Courses

Security Best Practices in Google Cloud
Google Cloud via Coursera Architecting with Google Kubernetes Engine: Production en Français
Google Cloud via Coursera Configuring and Managing Kubernetes Security
Pluralsight Security Best Practices in Google Cloud
Pluralsight Kubernetes Security: Cluster Hardening
Pluralsight