Learn hands-on how to exploit AWS cloud misconfigurations and build practical skills with step-by-step walkthroughs, labs, and CTFs. CloudGoat enables you to deploy vulnerable-by-design AWS scenarios in your own environments, although we will be providing a couple of those scenarios as 1-click deploy 🧪 Cybr Hands-On Labs if you would rather not use your own environments. Not all of the scenarios will be available with our labs due to how vulnerable they are.
Syllabus
- Introduction
- Setting up our lab environment
- Getting started with Pacu
- IAM Privilege Escalation by Misconfiguration (Small / Easy)
- Vulnerable Lambda (Small / Easy)
- IAM Privilege Escalation by Rollback (Small / Easy)
- Cloud Breach via S3 (Small / Moderate)
- IMDSv2 Compromise (SMALL / MODERATE)
- ECS Takeover (Medium / Moderate)
- Wrap-up and Key Takeaways
