YoVDO

Post-Exploitation of Cloud Service Providers

Offered By: RSA Conference via YouTube

Tags

RSA Conference Courses Amazon Web Services (AWS) Courses Penetration Testing Courses Cloud Security Courses Credential Theft Courses

Course Description

Overview

Explore post-exploitation techniques for cloud service providers in this 54-minute webcast presented by Mohammed Aldoub, an independent security consultant and Blackhat trainer. Gain insights into how hackers attack and pivot within cloud environments, with a focus on AWS. Witness demonstrations of the "barq" AWS post-exploitation tool and learn methods for gaining and maintaining access, including account backdooring, cloud-wide credential theft, and other attack strategies. Designed for penetration testers, this webcast enhances understanding of cloud components and their interactions, enabling better risk assessment and penetration testing in cloud environments. Delve into topics such as EC2 instances, AWS ME, IAM policies, trust relationships, and automated attacks, providing a comprehensive overview of cloud security vulnerabilities and exploitation techniques.

Syllabus

Introduction
Speaker Introduction
Why AWS
How to test AWS services
EC2 overview
Attacking EC2 instances
EC2 Instances
AWS ME
What Attacks Can Work
Training Mode
Print stored secrets
Attack surface
Whats next
IAM
IAM Pass Role
IAM Policy
AWS Escalation Tool
Trust Relationships
Automated Attacks
Sample
Questions


Taught by

RSA Conference

Related Courses

Communicating Data Science Results
University of Washington via Coursera Cloud Computing Applications, Part 2: Big Data and Applications in the Cloud
University of Illinois at Urbana-Champaign via Coursera Cloud Computing Infrastructure
University System of Maryland via edX Google Cloud Platform for AWS Professionals
Google via Coursera Introduction to Apache Spark and AWS
University of London International Programmes via Coursera