Sacon: Cloud Pentesting: Free Workshop

Abstract

This course is for those interested in cloud penetration testing.

DETAILED AGENDA

  • Introduction to Cloud Computing (10 minutes)
  • Product Offerings by Major Vendor’s (15 minutes)
    • AWS
    • Azure
    • GCP
    • Openstack
  • How does Cloud Pentesting differs from Conventional Pentesting (10 minutes)
  • Explore Attack Surfaces on different Cloud environments IaaS, PaaS, SaaS, Serverless (10 minutes)
  • Exploiting Metadata API’s
  • Abusing cloud storage
  • Forensic anaylsis of cloud snapshots
  • Attacking Azure AD
  • Attacking Serverless
  • Understanding and attacking IAM Services
  • Various Case Studies

ATTENDEE REQUIREMENTS

Your own laptop with 4 GB RAM & a fundamental understanding to go hands on

Slides