Skip to content

Breaching AWS

Introduction

How to access the Labs

BAWS Lab Objectives

Breaching AWS – Rules of Engagement

Breaching TWOCAPITALS

BAWS 01 – Enumerating S3 Buckets Sample Lesson

BAWS 01 – Lab

BAWS 01 – Lab Solution

BAWS 02 – AWS Subdomain Takeover

BAWS 02 – Dumping EBS Secrets Sample Lesson

BAWS 02 – Lab 2

BAWS 02 – Video Walkthrough

BAWS 02 – Lab 2 – Solution

BAWS 03 – Enumeration & Command Execution via SSM

BAWS 03 – Lab 1

BAWS 03 – Video Walkthrough

BAWS 03 – Lab 1 Solution

BAWS 04 – Abuse IAM User Roles, Instance Metadata & SNS

BAWS 04 – Abusing Instance Metadata Service (IMDS)

BAWS 04 – Lab

BAWS 04 – Lab Solution

BAWS 05 – Capture Credentials from SNS Service

BAWS 05 – Lab

BAWS 05 – Lab Solution

BAWS 06 – Get Remote Code Execution on a Lambda Function

BAWS 06 – Lab

BAWS 06 – Lab Solution

BAWS 07 – Enumerate and Read Data from DynamoDB

BAWS 07 – Lab

BAWS 07 – Lab Solution

BAWS 08 – Upload Malicious Image into ECR

BAWS 08 – Lab

BAWS 08 – Lab Solution

BAWS 09 – AWS SSO Phishing Attack

BAWS 09 – Lab

BAWS 09 – Lab Solution

BAWS 10 – Enumerate AWS IAM Identity Center Permissions

BAWS 10 – Lab

BAWS 10 – Lab Solution

BAWS 11 – Enumerate AWS IAM Permission & Retrieve Secrets from Secret Manager

BAWS 11 – Lab 1

BAWS 11 – Lab Solution

BAWS 12 – Utilising Rancher to Gain Shell Access to a Pod

BAWS 12 – Amazon Elastic Kubernetes Service (AWS EKS)

BAWS 12 – Lab

BAWS 12 – Lab Solution

BAWS 13 – Enumerate RDS and Retrieve the Final Flag

BAWS 13 – Lab

BAWS 13 – Lab Solution

BAWS 02 – Video Walkthrough

Breaching AWS
BAWS 02 – Dumping EBS Secrets
BAWS 02 – Video Walkthrough