Slides
Abstract
This course is for those interested in cloud penetration testing.
DETAILED AGENDA
- Introduction to Cloud Computing (10 minutes)
- Product Offerings by Major Vendor’s (15 minutes)
- AWS
- Azure
- GCP
- Openstack
- How does Cloud Pentesting differs from Conventional Pentesting (10 minutes)
- Explore Attack Surfaces on different Cloud environments IaaS, PaaS, SaaS, Serverless (10 minutes)
- Exploiting Metadata API’s
- Abusing cloud storage
- Forensic anaylsis of cloud snapshots
- Attacking Azure AD
- Attacking Serverless
- Understanding and attacking IAM Services
- Various Case Studies
ATTENDEE REQUIREMENTS
Your own laptop with 4 GB RAM & a fundamental understanding to go hands on