BREACHING AWS

Breaching AWS labs provide a simulated environment in which a fictitious financial institution named “TwoCapital” has its infrastructure hosted on the AWS platform.

Within these labs, students can acquire knowledge about utilizing AWS-specific attack methods, which encompass tasks such as performing AWS reconnaissance, executing privilege escalation strategies, and exploiting AWS services.

ENROLL

Attack Paths

AWS Services in 2 Regions

Flags

Course Contents:

AWS Reconnaissance
AWS Phishing Technique (Device Code)
Extract Secrets from Secret Manager, Storages, Databases etc
Intercept sensitive data by utilizing Simple Notification Service (SNS)
Abuse Kubernetes Misconfiguration
Abuse Container Registry Permissions
Laterally Movement Across AWS Services
Utilize Rancher to get Shell on EKS Pod
Abuse Misconfigure IAM Permissions
Enumerate AWS Identity Center Directory
Extract and Exploit Lambda Function
Exploit Misconfigured EC2 Instance

ENROLL

Who is it for?

Anyone keen in learning about AWS Security concepts. Our students usually include:

Penetration Testers
Cloud Architects
Cloud Security Engineers
DevOp Teams
Security Enthusiasts

What you will gain?

By the end of this course you will be able to perform:

AWS Enumeration and Reconnaissance
Identify Cloud Misconfigurations
Exploit Access Control Gaps
Lateral Movement
Phishing Attacks
Conduct Cloud Security Audits

Who can do the course?

Participants are expected to have:

Basic knowledge on cloud computing.
Core concepts of AWS.

Requirements

No additional hardware or software is required apart from a stable internet connection. You will be able to access and use a dedicated AWS Virtual Machine from anywhere via a web browser.