The Hybrid Multi-Cloud Red Team Specialist (CHMRTS) course offered by CyberWarFare Labs is an advanced cyber attack and detection learning platform. The course is designed to provide an in-depth understanding of Hybrid Multi-Cloud core services, identification of misconfigurations, and methods to stealthily exploit them in an Enterprise Hybrid Multi-Cloud Environment.
Syllabus
Attacking – AWS Environment
- Enumerating & Designing Attack Surface of AWS Cloud Services
- Exploit Lambda Function for Persistence & Privilege Escalation
- Pivoting & Lateral Movement using AWS VPC Service
- Post-Exploitation by abusing mis-configured AWS Services
- Data Exfiltration from S3, RDS, STS & Secret Manager etc
Attacking – Azure Environment
- Enumerating & Designing Attack Surface of Azure Cloud Services
- Pivoting Azure Control Plane to the Date Plane
- Stealth Persistence Access of Azure account by Service Principal
- Privilege Escalation by abusing mis-configured RBAC
- Mis-use Azure Authentication Methods [PHS, PTA, Federation].
Attacking – GCP Environment
- Enumerating & Designing Attack Surface of GCP Services
- Enumerating & Exploiting Google Kubernetes Services
- Post-Exploitation by abusing mis-configured GCP Services
- Privilege Escalation by exploiting mis-configured OAuth & IAM
- Persistence Access by Temporary/ Permanent Access Token
Attacking – Hybrid Multi-Cloud Environment
- Lateral movement from one Cloud to another Cloud Platform
- Enumerate & exploit widely used SaaS Services (O365, G-Suite)
- Exploit Trusted Relationship for expanding the access
- Pivoting from On-premise to Cloud environment & vice-versa
- Use Manual/Open-Source Tools for Offensive Operations
نظرات کاربران
Comments: 0