Hacking Cloud Infrastructure

Cut through the mystery of cloud services on our 2 day course.

This 2-day course cuts through the mystery of Cloud Services (including AWS, Google Cloud Platform (GCP) and Azure) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing a traditional network infrastructure.

Note: Students will have access to a state-of-the-art Hacklab with a wide variety of vulnerabilities to practice exploitation and will receive a FREE 1 month subscription after the class to allow more practice time along with the support portal to clear doubts.

You will be able to:

  • Think and behave like an advanced, real world threat actor
  • Identify and exploit complex vulnerabilities and security misconfigurations in AWS, Microsoft Azure
  • Design your penetration tests around real-world attacker behaviors and tooling, making it relevant to the threats facing your organization
  • Identify the attack surface exposure created by cloud-based services such as virtual machines (VMs), buckets, container as a service (CaaS) platforms, and serverless functions

2 day Course

Live, online available

Hack-Lab available

Basic

Overview Interested? Details Prerequisites Courses and webinars PDF Booking enquiries

Course Overview

With the rapid adoption of cloud infrastructure and the prevalence of hybrid cloud environments among organizations, the need to address cloud misconfigurations has become paramount. This course offers a holistic approach to understanding and mitigating misconfigurations in AWS and Azure.

From building and migrating to managing and innovating in the cloud, organizations face increasing pressure to secure their cloud infrastructure effectivel. To achieve this, a deep understanding of cloud attack architecture and hands-on experience with relevant tools and techniques are essential.

This comprehensive 2-day course immerses participants in the attacker's mindset, providing the opportunity to deploy over 20 novel attacks through state-of-the-art labs. The training is delivered by seasoned penetration testers with extensive experience in cloud hacking, gained through real-world engagements.

By the end of the course, participants will be well-equipped to confidently identify vulnerabilities within cloud deployments. This course is a crucial step toward enhancing cloud security in an ever-evolving threat landscape.

Interested

Interested?

1. Our courses are available directly from us; through our training partners or at worldwide technical conferences.

2. You can find course dates and prices on the Courses and Webinars page. Click here for course dates, prices and content

3. Take a look below at a few of the upcoming courses for this specific training.

4. For more information including private course requests, complete the short form below.

Courses and webinars

Booking enquiries

Select the course from the Courses and Webinars Page.

Click here for course dates and prices

For private course delivery enquiries or other information, please use the form alongside.

What you will learn

This course uses a Defense by Offense methodology based on real world engagements and offensive research (not theory). That means everything we teach has been tried and tested on live environments and in our labs and can be applied once the course is completed. By the end of the course, you’ll know how to:

  • Think and behave like an advanced, real-world threat actor
  • Identify and exploit complex vulnerabilities and security misconfigurations in AWS and Microsoft Azure
  • Design your penetration tests around real-world attacker behaviors and tooling, making it relevant to the threats facing your organization
  • Identify the attack surface exposure created by cloud-based services such as virtual machines (VMs), buckets, container as a service (CaaS) platform, and serverless functions

What you will be doing

You’ll be learning hands on:

  • Spending most of the session (~60%) on lab-based exercises
  • Using lab-based flows to explore and hack lifelike cloud environments
  • Exploiting, defending, and auditing different cloud environments
  • Competing in a Capture the Flag (CTF) challenge to test your new skills
  • Discussing case studies with your course leader to understand the real-world impact of the hacks covered

Why it is relevant

The cybersecurity skills shortage is felt perhaps nowhere as deeply as in the cloud. With new rulebooks and standards, practitioners often find themselves playing catch up with the latest developments in technology and in the threat landscape. This course is designed to be a highly informative bootcamp to help you advance your skills in the most important and relevant areas of cloudsec. Across 2 days, you’ll learn about the high-impact vulnerabilities and flaws that could be open in your organization right now and how to fix them.

Our syllabuses are revised regularly to reflect the latest in-the-wild hacks, the newest system releases, and whatever proof of concepts we’ve been developing in our own research. Because they remain so up to date with the threat landscape and security industry standard, many delegates return every 1-2 years to update their skills and get a refresh.

Top 3 takeaways

  • Exploit labs in a kill-chain style and escalate privilege by exploiting multiple services
  • Understand how to perform enumeration to identify different misconfiguration in the cloud environment
  • Gain an understanding of Shadow Admin permissions and acquire skills on leveraging these permissions to elevate your privileges

Details of the course content:

INTRODUCTION TO CLOUD COMPUTING

  • Introduction to the Cloud
  • Importance of Cloud Security
  • Shared Responsibility Model in the Cloud
  • Comparison with Conventional Security Model
  • Importance of Cloud Metadata API from an Attacker’s perspective

CLOUD ASSET ENUMERATION

  • Importance of DNS in the Cloud
  • DNS-based Enumeration
  • Open-Source Intelligence Gathering (OSINT) techniques for Cloud Asset Enumeration
  • Username enumeration using Cloud provider APIs

CLOUD STORAGES

  • Introduction to AWS S3
  • AWS S3 misconfigurations
  • Introduction to GCP Storage
  • Introduction to Azure Storage
  • Azure: Shared Access Signature (SAS) URL Misconfiguration

INTRODUCTION TO AZURE AND ATTACKING MICROSOFT AZURE AD

  • Introduction to Azure and Microsoft Entra ID
  • Azure Application Attacks on App Service, Function App and Storages
  • Azure Database
  • Automation Account
  • Azure Key Vault
  • Introduction to Microsoft Entra ID authentication methods and risks
  • Microsoft Entra ID Attacks (Managed User Identities)
  • Bypassing MFA Security and Conditional Access Policy
  • Abusing Dynamic Membership Policy

INTRODUCTION TO AWS

  • Introduction to AWS IAM and Policies
  • Understanding AWS Policy Evaluation
  • AWS Cognito Service
  • IAM: Misconfigurations
  • Elastic Beanstalk
  • AWS Cross-Account Misconfigurations
  • Enumerate roles using Pacu
  • Gaining access to EC2 instance by abusing instance attribute
  • Resource based policy misconfiguration
  • Lambda and API Gateway exploitation
  • IAM Access Analyzer

DIFFERENCE BETWEEN AWS, AZURE & GCP IAM AND PITALLS

This module offers a concise comparison of Identity and Access Management (IAM) in AWS, Azure, and GCP. It illuminates the key differences and potential pitfalls associated with IAM in these cloud platforms. Participants will gain insights into the nuanced IAM features and challenges specific to each provider, equipping them with a solid understanding to navigate and secure access control effectively.

What you will get

  • Certificate of completion
  • 30 days lab access post-course completion (with the opportunity to extend)
  • 8 Continuing Professional Education (CPE) credits awarded per day of training fulfilled
  • Learning pack, including question & answer sheets, setup documents, and command cheat sheets

Course highlights

What delegates love:

  • Our labs: probably the biggest selling point for our courses. Not only will you spend most of the course hacking hands-on in a lifelike web environment, but you’ll also have 30+ days access to practice your new skills afterwards.
  • Individual access: you’ll have your own infrastructure to play with, enabling you to hack at your own speed.
  • Real-world learning: where many leading cybersecurity training courses are based on theory, our scenario-led, research-based approach ensures you learn how real threat actors think and act.
  • Specialist-led training:you’ll learn from highly skilled and experienced practicing penetration testers and red teamers.
  • Up-to-date content: our syllabus remains so relevant, delegates come back year after year for more.
  • Remediations included: you’ll learn how to fix as well as find vulnerabilities.

Outcomes for budget holders

This course is designed to bring your in-house cloud security testing competency up to the industry standard, helping you:

  • Lower the likelihood of security incidents by identifying weaknesses in your cloud infrastructure
  • Improve your understanding of the organization’s risk posture based on the frequency and severity of weaknesses identified
  • Improve the organization’s approach to access control management
  • Create a stronger case for securing software development, cloud deployment, and governance practicesy
  • Develop a secure cloud roadmap that balances growth and risk
  • Implement cloud-based attack detection and response tactics
  • Build a closer relationship between development and security teams
  • Internally pentest new tools and systems before making an investment
  • Nurture and retain passionate, highly skilled, and security conscious employees
  • Demonstrate commitment to security through training, compliance, and change management
  • Develop the organization’s competitive advantage for security-conscious customers

Prerequisites

Who Should Take This Class?

  • Cloud administrators and architects
  • Penetration testers and red teamers
  • CSIRT/SOC analysts and engineers/blue teams
  • Developers
  • Security/IT managers and team leads

This course is suitable for anyone with a stake or interest in cloud security, from technical practitioners to decision makers. The syllabus has been designed to cover the cloud misconfigurations and advances in hacking, as well as the skills to penetration test cloud systems and environments and remediate vulnerabilities.

Delegates must have the following to make the most of the course:

  • Basic to intermediate knowledge of cybersecurity (1.5+ years’ experience)
  • Experience with common command line syntax of cloud CLI

You will need:

Delegates must bring their own laptop and have admin/root access on it. The laptop must have a virtualization software (virtualbox / VMWare) pre installed. A customized version of Kali Linux (ova format) containing custom tools, scripts and VPN scripts for the class will be provided to the students. The laptop should have at least 4 GB RAM and 20 GB of free disk space dedicated for the VM.

Hacking Cloud Infrastructure

Course Information

You can download a copy of the course information below.

In addition you will also be provided with a student pack, handouts and cheat-sheets if appropriate.

Download the course information

Your Training Roadmap

CCS Training Levels

Offensive Classes

Hacking training for all levels: new to advanced. Ideal for those preparing for certifications such as CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST as well as infrastructure / web application penetration testers wishing to add to their existing skill set.

Defensive Classes

Giving you the skills needed to get ahead and secure your business by design. We specialise in application security (both secure coding and building security testing into your software development lifecycle) and cloud security. Build security capability into your teams enabling you to move fast and stay secure.

Testimonials

Very impressed with the lab environment. Course is packed with Information and exciting challenges. Excellent Content and in-depth presentation. Loved the practice timing and walk-through. The extended lab access is helpful to practice after the class."

Delegate, Black Hat USA

GREAT CLASS."

Delegate, Hacking and Securing Cloud - Public Course

I really appreciated being able to take my own time over the material in the lab."

Delegate, Hacking and Securing Cloud - Public Course

It was a full 2 days and quite fast! I'm really keen to know more now."

Delegate, Hacking and Securing Cloud - Public Course

It provided me with the latest Information Security research & development."

Delegate, Black Hat USA

The training was fantastic, I'm sure I'll do the related webinars as well when I have the chance."

Delegate, Hacking and Securing Cloud - Public Course