Poking Holes in the Cloud: Auditing AWS Security - 2018
Offered By: LASCON via YouTube
Course Description
Overview
Explore tools and techniques for conducting penetration tests against AWS-hosted systems and applications in this 55-minute conference talk from LASCON 2018. Dive into pentesting methodology, covering phases such as reconnaissance and exploitation. Learn about DNS recon tools, AWS buckets, and various recon techniques. Discover exploits for billing apps, metadata servers, GraphQL, Kubernetes, and Lambda. Gain insights on Metasploit fingerprinting and walk away with valuable lessons and key takeaways for enhancing cloud security auditing skills.
Syllabus
Intro
About Me
About the Topic
Pentesting
NetSec DevOps
Pentesting Methodology
Phase 1 Reconnaissance
DNS Recon Tools
AWS Buckets
Recon Tools
Proves Check
Phase 3 Exploits
Billing App
Metadata Server
GraphQL
Kubernetes
Lambda Hack
Pakku
Metasploit
fingerprinting
What we learned
What to take away
Taught by
LASCON
Related Courses
Architecting Microsoft Azure SolutionsMicrosoft via edX Internetwork Security
Indian Institute of Technology, Kharagpur via Swayam Network Security
Georgia Institute of Technology via Udacity Microsoft Professional Orientation : Cloud Administration
Microsoft via edX Cyber Threats and Attack Vectors
University of Colorado System via Coursera