The AWS Cloud Red Team Specialist (CARTS) course offered by CyberWarFare Labs is an advanced cyber attack and detection learning platform. The course is designed to provide an in-depth understanding of AWS core services, identification of misconfigurations, and methods to stealthily exploit them in an Enterprise AWS Cloud Environment.
The AWS Cloud Red Team Specialist (CARTS) course offered by CyberWarFare Labs is an advanced cyber attack and detection learning platform. The course is designed to provide an in-depth understanding of AWS core services, identification of misconfigurations, and methods to stealthily exploit them in an Enterprise AWS Cloud Environment. The course is delivered in a combination of On-Demand & Instructor-Led mode, including online lectures, practical hands-on exercises, and a practical examination1. The duration of the course may vary based on individual learning pace, but it typically takes around 1-3 months to complete.
This 4-day course cuts through the mystery of Cloud Services (including AWS, Azure, and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and knowing how to protect yourself from them is critical. This course covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure. Prior pentest/security experience is not a strict requirement, however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial.
Stay frosty within AWS, Azure, & GCP environments with this fast-paced and hands-on course which teaches each participant the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access within cloud platforms. In this course you will: Exploit serverless (e.g. Lambda, Azure Functions) applications for initial access into targets. Pivot between data and control planes to expand access (e.g. secrets, snapshots) Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain undetected. Breach and backdoor boundaries (e.g. VPCs) to access hard to reach systems. Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of metadata protections) Compete throughout the course in our hands-on Capture the Flag (CTF) tournament!
Astute AWS/Azure/GCP Cloud Red Team: It’s Raining Shells! – 2021
SEC545 is a comprehensive course designed to equip security professionals with the knowledge and skills necessary to secure cloud infrastructures effectively. As organizations increasingly migrate to cloud environments, understanding how to design, implement, and manage security measures in these settings becomes crucial.
This course provides an in-depth exploration of penetration testing techniques tailored to modern cloud environments. Participants will gain hands-on experience identifying vulnerabilities, exploiting weaknesses, and understanding the unique attack vectors that cloud infrastructures introduce. Covering leading platforms such as AWS, Azure, and Google Cloud, SEC588 emphasizes real-world scenarios, enabling students to assess and secure cloud systems effectively. With a focus on both offensive and defensive strategies, the course equips cybersecurity professionals with the tools to stay ahead in a rapidly evolving threat landscape.
