Penetration Testing and Red Teaming on AWS

Focused View

Gopi Narayanaswamy

6:40:12

17 View

1. Introduction

1. Course Introduction.mp4

01:55

2. Cloud Fundamentals

1.1 Cloud fundamentals.pdf

1. Introduction to Cloud Computing.mp4

00:29

2. Virtualization in Cloud Computing.mp4

01:40

3. Key Characteristics.mp4

03:09

4. Types of Cloud.mp4

02:58

5. Deployment Models.mp4

02:27

6. Shared Responsibility.mp4

01:28

3. AWS and Services

1.1 AWS Overview.pdf

1. Introduction to AWS.mp4

00:19

2. What is AWS Cloud.mp4

00:38

3. AWS Regions and Availability Zones.mp4

00:51

4. AWS services.mp4

00:38

5. AWS Computing Services.mp4

00:45

6. AWS Storage Services.mp4

01:09

7. AWS Network Services.mp4

01:28

8. Content Delivery Network.mp4

01:46

9. Route 53.mp4

01:18

10.1 aws security services.pdf

10. Security services.mp4

00:11

11. IAM Services.mp4

00:52

12. AWS Infrastructure Security.mp4

00:42

13. AWS Inventory and configuration Services.mp4

00:30

14. AWS data encryption options.mp4

00:48

15. AWS Logs and Monitoring Services.mp4

00:46

4. AWS Shared Responsibility model

1.1 AWS Shared Responsibility model.pdf

1. Shared Responsibility Model.mp4

00:12

2. Security of the Cloud.mp4

00:20

3. Security in the Cloud.mp4

00:57

5. AWS Penetration Testing and Red Teaming

1.1 AWS Penetration Testing.pdf

1. What is covered.mp4

00:11

2. Why Penetration testing is required.mp4

01:08

3. What is required.mp4

00:31

4. System requirements.mp4

00:31

5.1 AWS configure.txt

5. Creating and Configuring API Keys.mp4

00:56

6. Installing AWS Cli and Configuring Profiles.mp4

01:48

7. Configuring Multiple Profiles.mp4

01:33

6. Know Your Attack Surface

1. Common AWS attack surfaces.mp4

00:45

2. Method and Approach for AWS Penetration testing.mp4

01:16

7. Detecting and Testing External Assets

1. External Endpoints and Services - Penetration testing approach.mp4

00:46

2. Identifying external endpoints and services.mp4

01:05

3.1 shodan-googledorks queries.xlsx

3. OSINT Tools - Shodan and Google Dorks.mp4

01:20

4. OSINT Tools - Certstream.mp4

01:45

5. Using Netcraft.mp4

01:10

6.1 ipranges.txt

6. Introduction to AWS IP Ranges.mp4

00:46

7. AWS IP Ranges - Use Cases.mp4

00:49

8. AWS-IPS Go based tool.mp4

02:20

9.1 Collection of s3 tools.pdf

9. Recon - S3 Buckets.mp4

00:40

10. Changes in AWS S3 bucket access control.mp4

01:00

11. Using different tools for recon.mp4

01:48

12. Enumerating Public IPs and External Endpoints.mp4

01:50

8. Identify and Exploit through IAM misconfiguration

1.1 IAM-AWS CLI.pdf

1. IAM - Inroduction.mp4

00:27

2. IAM - Key Components.mp4

04:58

3. IAM - Key Terms.mp4

01:33

4. Policies and Permissions.mp4

02:17

5. Demo - Creating User.mp4

06:32

6. Policies in detail.mp4

02:06

7. Demo - Creating Policy.mp4

01:19

8. Policy Versions.mp4

01:24

9. More Policies.mp4

02:17

10. Trust Relationships.mp4

02:23

11. Least Privilege Access.mp4

01:50

12. Resource based policies.mp4

00:49

13. Attaching multiple policies.mp4

01:37

14. Demo - Attaching and Detaching AWS Managed Policy for a user.mp4

01:48

15. Demo - Multiple Policy Version.mp4

03:31

9. Tools for Identityfying the IAM Misconfigurations

1.1 AWS IAM Privilege Escalation Methods.pdf

1. Using AWS Escalate.mp4

01:45

2. Using cloudfox.mp4

03:05

10. IAM - Privilege Esaclation

1. Privilege Escalation from same level access to administrative access.mp4

00:57

2. Privilege Escalation scenerios.mp4

13:52

3. Priviledge Escalation - Practical Demo.mp4

02:37

4. Priviledge Escalation - Practical Demo.mp4

04:47

11. EC2 instance enumeration and identifying the misconfiguration

1.1 AWS EC2 Cli.pdf

1. EC2 instances enumeration.mp4

01:49

2. EC2 instances - Root volume Manipulation.mp4

09:44

3. Domo - Back door using Auto Scaling launch template.mp4

02:35

4. Back door using Auto Scaling launch template.mp4

07:10

5. EBS Volumes are not attached.mp4

01:20

6. Volume Snapshots are not encrypted.mp4

01:08

12. Exploit through EC2 Instance Metadata Services

1.1 Instance Metadata and User Data.pdf

1. EC2 Instance Metadata Services.mp4

00:39

2. Instance Metadata Vulnerabilities.mp4

01:20

3. Instance Metadata Demo.mp4

03:18

4. Instance Metadata Version 2.mp4

00:56

5. Identifying the instance Metadata Version used.mp4

00:38

6. EnableDisable Instance Metada versions.mp4

01:31

7. EC2 Instance with SSRF Vulnerability - Demo.mp4

01:20

8. EC2 Instance with SSRF Vulnerability - Demo.mp4

01:58

9. Enabling Version 2 of Instance Metadata.mp4

02:00

13. Simple Storage Services (S3) and Vulnerabilities

1. S3 - Introduction.mp4

00:10

2. S3 Introduction.mp4

01:06

3. S3 Permissions.mp4

01:24

4. Creating a S3 Bucket.mp4

07:44

5. Accessing the buckets.mp4

00:42

6. Creating Bucket Policy for accessing S3 Buckets.mp4

03:35

7. Creating User Policy for accessing S3 Buckets.mp4

07:48

8. Scan the public S3 Bucket.mp4

01:17

9. Modify the policies.mp4

01:09

10. Summary.mp4

01:29

14. Detecting and Exploiting AWS RDS

1. AWS RDS Introduction.mp4

02:00

2. Scanning and Exploiting the RDS.mp4

04:51

15. Exploiting - AWS Lambda, API Gateway and Cloudfront

1. Serverless Architecture and AWS Lambda - Introduction.mp4

07:31

2. Creating Lambda fuction.mp4

04:41

3. Enumerating and Manupluating Lambda Versions.mp4

05:27

4. Enumerating Lambda through AWS Cli.mp4

02:39

5. Exploiting through Lambda versions.mp4

08:56

6. Exploit using vulnerable Lambda configuration.mp4

10:37

7. Other Lambda vulnerabilities.mp4

01:58

8. Introduction to Amazon API Gateway.mp4

01:43

9. API Gateway Attack Surfaces.mp4

01:28

10. Exploiting DynamoDB tables using Lambda function and API gateway.mp4

05:48

11. Exploiting API Gateway using mailicious Payload file.mp4

02:05

12. AWS Cloudfront.mp4

02:10

13. AWS Cloudfront - How its working.mp4

02:34

14. Cloudfront Attack surfaces.mp4

01:58

15. Finding the Attack Surfaces and Exploiting Cloudfront.mp4

01:36

16. Vulnerability Testing through OWASP ZAP.mp4

01:59

17. AWS Cloudfront Hijack.mp4

02:31

18. Cloudfrunt tool - Identifying misconfigured CloudFront domains.mp4

00:13

16. Exploiting through security groups

1.1 AWS CLI and Tools for Security Groups.pdf

1. Security Groups - allowing access to external world.mp4

02:55

2. Exploiting through Security Groups.mp4

03:24

3. Detecting external open ports.mp4

01:49

4. Other Tools - Detecting external open ports.mp4

01:36

17. Tools used for assessing security risks in cloud environments

1.1 Tools Repo.txt

1. Popular tools for assessing security risks in cloud environments.mp4

02:05

2. Tools - Pacu.mp4

01:00

3. Enum and exploit using Pacu.mp4

05:04

4. Tools - Cloudfox.mp4

01:10

5. Exploiting with Cloudfox.mp4

07:13

6. Tools - Scout Suite.mp4

01:24

7. Security Audit using Scout Suite.mp4

04:02

18. Exploiting AWS ECR and ECS

1. AWS ECR - Introduction.mp4

01:50

2. Enumerating AWS ECR.mp4

01:44

3. AWS ECR Managed policies.mp4

01:47

4. AWS ECR Custom policies.mp4

01:15

5. Tools for testing the security of AWS ECR.mp4

00:26

6. AWS ECR Vulnerability Scan.mp4

00:45

7.1 AWS ECS Security - Potential Misconfigurations.pdf

7. AWS ECS - Introduction.mp4

01:23

8. ECS Misconfiguration potential opportunities.mp4

01:25

9. AWS ECS Enumeration.mp4

04:47

10. Exposure of Containers.mp4

04:19

11. Identifying Container Breakouts.mp4

03:38

12. Tools for identifying container breakouts.mp4

00:29

13. Practical demonstration of AWS ECS Cli and Backdoor.mp4

04:33

19. AWS WAF Security

1. AWS WAF Introduction.mp4

02:33

2. Detecting a WAF.mp4

00:42

3. Deploying OWASP Juice Shop application and testing.mp4

01:06

4. Bypassing WAF - Demonstration using Juice Shop Application.mp4

05:28

5. AWS WAF Limitations.mp4

00:42

6. AWS WAF 8KB request body inspection.mp4

00:22

7. Testing AWS 8KB request body Payload.mp4

03:59

8. Generate AWS WAF Bypass payloads using tool.mp4

01:43

9. Creating AWS WAF Bypass payloads using gotestwaf.mp4

04:31

20. AWS Route 53 Exploitation and Vulnerabilities

1.1 AWS Route53 - Highly available and scalable Domain.pdf

1. AWS Route 53 an Introduction.mp4

01:40

2. Exploring DNS Services through AWS console.mp4

02:23

3. Overview of Route53 Misconfigurations.mp4

01:53

4. Overview of DNS Attacks.mp4

03:18

5. AWS Rout53 Access and Policies.mp4

04:02

6. Dangling delegation records in Route 53.mp4

00:32

7. Detecting the misconfigurations of Zones and Records.mp4

02:34

8. Demontrating the Subdomain Takeover.mp4

04:28

21. AWS CICD Attacks

1.1 cicd.pdf

1. CICD - Introduction.mp4

11:02

2. Code Commit - Understanding the Security and Misconfigurations.mp4

02:44

3. Code Build - Understanding the Security and Misconfigurations.mp4

06:05

4. Code Pipeline- Understanding the Security and Misconfigurations.mp4

04:35

5. How AWS Policies works in CICD.mp4

08:36

22. Putting it all together - End to End Cloud Assessment

1. How to do end to end Penetration Testing or Red Teaming exercise.mp4

10:49

2.1 This is a Sample report templat1.pdf

2. Preparing a widespread report.mp4

03:39

Description

Exploit and Assess AWS Cloud Environment

What You'll Learn?

Gain a solid understanding of cloud computing concepts, including the advantages and challenges of cloud-based solutio
Acquire fundamental knowledge about Amazon Web Services (AWS), its core services, and its role in cloud computing.
Explore the essentials of cloud security, including key technologies and services designed to safeguard cloud data and infrastructure from cyber threats.
Learn how the shared security responsibility model works and grasp the roles and responsibilities of both AWS and the customer in securing cloud environments.
Develop the ability to recognize and assess the various attack surfaces within AWS cloud environments, identifying potential vulnerabilities and risks.
Acquire the skills and knowledge required to conduct red team activities, simulating real-world threats and enhancing your penetration testing expertise.
Learn how to assess and improve the configuration and security posture of both internal and external cloud resources, such as virtual machines, storage buckets,
Master advanced penetration testing techniques, tools, and methodologies, and apply them to assess and secure cloud environments effectively.
This course equips students with the foundational knowledge and practical skills required to navigate the complex landscape of cloud security within AWS, helpin

Who is this for?

Cyber Security professionals, Cloud Security engineers and Cloud administrator

What You Need to Know?

No Programming experience, working as Red teamer, pen tester

CyberSecurity Proffessional looking for Cloud Security

More details

Description
In an age of increasingly sophisticated cyber threats, safeguarding cloud environments, like AWS (Amazon Web Services), is paramount. This comprehensive course is meticulously crafted to arm you with the knowledge and skills necessary to fortify AWS environments and undertake penetration testing and red teaming endeavors. By delving deep into AWS security essentials, understanding shared security responsibilities, and mastering advanced penetration testing techniques, you will emerge well-equipped to shield AWS cloud ecosystems and uncover vulnerabilities before malicious adversaries can exploit them.
Course Content:
Understanding Cloud and AWS Services: Begin your journey with a solid foundation in cloud computing and a comprehensive grasp of the AWS ecosystem.
What are the AWS Security Services: Explore AWS's array of security services designed to protect cloud resources.
Shared Security Responsibilities in AWS: Uncover the core principles of shared security responsibilities, emphasizing the roles AWS plays in securing the cloud, and your role in securing your applications and data.
Understanding the Attack Surfaces: Navigate the vast attack surfaces in AWS cloud, identifying potential vulnerabilities and risks.
Assess/ Red Teaming of External Assets: Develop the skills to assess and engage in red teaming activities for external assets, simulating real-world threats.
Advanced Penetration Testing Techniques: Elevate your penetration testing expertise with advanced tactics, tools, and methodologies.
Exploitation and Assessment of AWS Services: Deep dive into the evaluation and exploitation of various AWS services, including IAM, S3, RDS, Lambda, CloudFront, API Gateway, WAF, EC2, and CI/CD security.
Practical Demonstrations and More: Apply your knowledge through hands-on exercises and practical demonstrations, cementing your understanding of AWS security.
Outcome:
Upon successful completion of this program, you will be empowered with the expertise to effectively secure AWS environments, perform penetration testing, and orchestrate red teaming exercises. With the ability to assess and pinpoint vulnerabilities across a spectrum of AWS services, you will significantly enhance your skills as a cybersecurity professional. Prepare to be a formidable guardian of AWS cloud resources, equipped to thwart threats and bolster security in the ever-evolving digital landscape.

Who this course is for:
Cyber Security professionals, Cloud Security engineers and Cloud administrator

User Reviews

Rating

average 0

Total votes0

Focused display

Over 25 years of experience in IT infrastructure support, design, and cybersecurity operations. I have practical knowledge in conducting security assessments for both on-premises and cloud environments. Also possess expertise in designing security measures for operational technology (OT), cloud platforms, and networks.Am holding certifications as a penetration tester and has worked with offensive and defensive security tools and proficient in programming languages such as Python, PowerShell, and Go, and have developed extensive skills in using these languages for development purposes.In terms of security operations, i have hands-on experience with SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) tools like Wazuh and Microsoft Sentinel, with a focus on implementing threat intelligence capabilities and also experienced in using automation tools like Ansible and Terraform for infrastructure and security automation.I have participated in large-scale cloud migration programs and is familiar with various migration tools such as VMWare Vmotion, PlateSpin, and CloudEndure. I have utilized Ansible and Terraform extensively for enterprise-level projects, optimizing their usage and integrating them with Active Directory.Furthermore, knowledgeable in Ansible Network Automation and have contributed to Ansible Modules using Python code. have created and implemented Python code for infrastructure purposes, including tasks related to AWS provisioning, complex network and security automation, Cisco Voice (Call Manager) automation, Jabber provisioning, and directory number provisioning.Having professional experience includes working both on-site and offshore, collaborating with clients from North America (NA), Asia-Pacific (APAC), and Europe, the Middle East, and Africa (EMEA) regions.

Udemy

View courses Udemy

Students take courses primarily to improve job-related skills.Some courses generate credit toward technical certification. Udemy has made a special effort to attract corporate trainers seeking to create coursework for employees of their company.