YoVDO

Poking Holes in the Cloud: Auditing AWS Security - 2018

Offered By: LASCON via YouTube

Tags

Cloud Security Courses Penetration Testing Courses AWS Security Courses Kubernetes Security Courses

Course Description

Overview

Explore tools and techniques for conducting penetration tests against AWS-hosted systems and applications in this 55-minute conference talk from LASCON 2018. Dive into pentesting methodology, covering phases such as reconnaissance and exploitation. Learn about DNS recon tools, AWS buckets, and various recon techniques. Discover exploits for billing apps, metadata servers, GraphQL, Kubernetes, and Lambda. Gain insights on Metasploit fingerprinting and walk away with valuable lessons and key takeaways for enhancing cloud security auditing skills.

Syllabus

Intro
About Me
About the Topic
Pentesting
NetSec DevOps
Pentesting Methodology
Phase 1 Reconnaissance
DNS Recon Tools
AWS Buckets
Recon Tools
Proves Check
Phase 3 Exploits
Billing App
Metadata Server
GraphQL
Kubernetes
Lambda Hack
Pakku
Metasploit
fingerprinting
What we learned
What to take away


Taught by

LASCON

Related Courses

Network Security
Georgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent