ＨｉｄｅＺｅｒｏＯｎｅ

The cloud is the new network. Modern enterprises are running on Amazon Web Services (AWS), and security professionals need to master the unique attack surface it presents. If you’re a pentester, bug bounty hunter, or security engineer ready to conquer the cloud, this course is for you. This course is a comprehensive, hands-on journey into the world of AWS penetration testing. You’ll move past theory to build, configure, and exploit real-world cloud vulnerabilities in a safe, controlled lab environment using industry-standard tools like Pacu and CloudGoat.

More than 95 percent of Fortune 500 use Azure today! A huge number of organizations use Azure AD (Entra ID) as an Identity and Access Management platform. This makes it imperative to understand the risks associated with Azure as it contains an enterprises infrastructure, apps, identities and a lot more!

In addition to cloud-only identity, the ability to connect on-prem Active Directory, applications and infrastructure to Azure AD brings some very interesting opportunities and risks too. Often complex to understand, this setup of components, infrastructure and identity is a security challenge.

In this hands-on course, you’ll learn how to use Terraform to securely deploy resources on AWS using Infrastructure as Code (IaC). Guided by instructors with experience running Terraform in production, we’ll take you step-by-step from zero prior Terraform knowledge to confidently writing infrastructure as code and deploying production-ready AWS resources securely.

Learn what Amazon S3 is, how it works, and how to protect your data. This course will show you how to create and configure buckets, upload and access objects, avoid common security misconfigurations (some of which have resulted in massive breaches), and how to run regular automated scans with open source tools to discover issues. You’ll also learn to think like an attacker to find weaknesses that could potentially be exploited. The course was designed to provide a heavy dose of hands-on, practical learning with a mixture of taking action through the console, CLI, and roles.

Learn how to use IAM Roles like the pros. This course answers questions like:

• What are IAM roles and how are they different from users?
• When should you use roles, and how?
• What are differences between trust policies, managed policies, and inline policies?
• What’s an effective way to assume roles?
• How does role chaining work? How does cross-account access work?
• What is IAM Roles Anywhere and how does it work?
• What are service-linked roles, and how are they different from service roles?
• What are security implications of using roles?

Cloud Red Team : Attacking and Defending Azure is designed to help security professionals in understand, analyze and practice attacks in an enterprise-like live Azure environment that has effective security controls in place. You will be able to practice and sharpen popular tactics, techniques and procedures (TTPs) for Azure environments. In addition, you will learn how to bypass security controls like Advanced Conditional Access Policies, Multiple ways to bypass MFA that is enforced using different methods, Privileged Identity Management (PIM) and Microsoft Defender for Cloud. CARTE also focuses on abuse of JWT signing, Family of Client IDs (FOCI), Attribute Based Access Control (ABAC), Temporary Access Password (TAP), Custom Claims, Cross Tenant Access, Azure Lighthouse, Azure ARC, Multi-Cloud Access, Tokens form Office Applications and traffic and Abuse of Kerberos in Entra ID.