Change Location × Salt Lake City

    Recent Locations

      AWS & Azure Exploitation in Sandy

      • AWS & Azure Exploitation Photo #1
      1 of 1
      July 12, 2018

      Thursday  10:00 AM

      • No Performers Listed
      AWS & Azure Exploitation

      AWS & Azure Exploitation Hands-on Training Course See spring special below to receive an... iPad w/ Apple Pencil & AirPods! or discount when you signup before the end of may! Course Overview Stay frosty within AWS and Azure environments with this fast-paced and hands-on course which teaches each participant the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access within cloud platforms. In this course you will: Exploit serverless (e.g. Lambda) applications for initial access into targets. Pivot between data and control planes to expand access (e.g. secrets, snapshots). Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain undetected. Breach and backdoor boundaries (e.g. VPCs) to access hard to reach systems. Leverage stealthy persistence techniques to ensure long-term access (e.g. session tokens). Course Syllabus The Course Syllabus includes...Day 1: Recon for AWS Services of Interest (e.g. Subdomain Takeovers) Hunting for Secrets to the AWS Control Plane (e.g. S3 buckets) Obtaining Secrets via Web App Vulnerabilities (e.g. XXE, LFI) Surveying & Persisting Access within the AWS (e.g. Session Tokens) Pivoting from the AWS Control Plane to the Data Plane (e.g. Snapshots) Gaining RCE via Web App Vulnerabilities (e.g. SSTI, RFI) Post Exploitation within AWS EC2 Instances (e.g. User Data Scripts, DynamoDB) Day 2: Serverless Exploitation w/ Lambda (e.g. Keeping it Hot, Exfiltrating via Services) Breaching Boundaries: Bypassing VPCs (e.g. API Gateway + Lambda Bypass) Logging Disruption within AWS (e.g. Cleaning CloudTrail Logs w/ Lambda) Pivoting from Azure Control Plane to the Data Plane (e.g. Storage Manipulation) Expanding Access via PaaS Specific Azure Attacks (e.g. RDP "debug") Stealthy Azure Persistence Techniques (e.g. Offline Minting of SAS Keys) Overview of Defensive Countermeasures (e.g. MFA, Logging, Alerting, etc...) WHO SHOULD TAKE THIS COURSE This course assumes the student already has some basic penetration testing knowledge and would like to learn more about how to apply penetration testing to cloud centric environments. This includes: Red Teamers & Penetration Testers Blue Teamers & Security Professionals, who wish to see the offensive side Site Reliability Engineers (SREs) & System Administrators, who work with cloud technologies STUDENT REQUIREMENTS Students will need to bring to the class: Access to an active Amazon Web Services (AWS) account with admin access before the class starts. Access to an active Azure subscription with admin access before the class starts. A laptop with admin access to install software with wired network support via an ethernet adapter. Students should be comfortable: Using Linux and SSH. With basic networking concepts and services (e.g. TCP/IP, DNS, DHCP, etc…) Some experience interacting with AWS and Azure platforms. Some python scripting knowledge is recommended, but not required. WHAT STUDENTS SHOULD BRING Students must: Obtain access to an active Amazon Web Services (AWS) account with admin access. Obtain access to an active Azure subscription with admin access. Bring their own laptop, with admin rights to install software. The Laptop needs a wired network support with an ethernet adapter. WHAT STUDENTS WILL BE PROVIDED WITH 2 days of hands-on training A detailed lab guide A copy of all course slides TRAINERS Bryce Kunz (@TweekFawkes) is an Information Security Researcher located in Salt Lake City, Utah, who specializes in exploiting cloud environments through R&D access vectors for key systems (e.g. containers, orchestration systems, web applications, etc…). As a security professional, Bryce has spent time at various agencies (i.e. NSA, DoD, DHS, CBP) and tech companies (i.e. Adobe) focusing on vulnerability research, penetration testing, and incident response. Previously, Bryce received an MBA from a NSA designated "Center of Excellence" Idaho State University (ISU) program with an emphasis in Information Assurance (IA) on a full academic scholarship from the National Science Foundation (NSF). Bryce holds numerous certifications (e.g. OSCP, CISSP, ...) and has spoken at various security conferences (i.e. BlackHat, DerbyCon, BSidesLV, etc...). Spring Special: iPad w/ AirPods & Apple Pencil! When you sign up for this training course before the end of May and receive... The new 9.7-inch iPad, last updated in March of 2018…With AirPods,Apple Pencil, &iPad Smart Cover! Register for this course using one of the below codes before the end of May and receive a the new 9.7-inch iPad, last updated in March of 2018! Use one of these codes: - SpringSpecial_Silver to receive an iPad in Silver - SpringSpecial_Gray to receive an iPad in Space Gray - SpringSpecial_Gold to receive an iPad in Gold - SpringSpecial_Discount to receive a $750 discount iPad Specs: - Model: Wi-Fi - Capacity: 128GB See Full Specs: Spring Special is Ending Soon! Offer ends May 31st 2018 at 11:59pm. Terms & Conditions: This offer cannot be combined with any other offer or discount. Must be attending training in person to recieve the products (e.g. iPad, etc...) and paid in full for the training course before the date the offer expires. Course offerings are subject to change at any time. We shall not be held liable for students who elect marketing promotions or discounts that are not consistent with their employer's Standards of Conduct and/or procurement standards. We reserve the right to substitute this offer for an alternative product, service, or cash award of approximately equivalent retail value. Questions? Please email with any questions!

      Categories: Science

      Event details may change at any time, always check with the event organizer when planning to attend this event or purchase tickets.
      COMMENTS ABOUT AWS & Azure Exploitation