{"id":1716,"date":"2018-12-17T17:01:09","date_gmt":"2018-12-17T15:01:09","guid":{"rendered":"https:\/\/archive.brucon.org\/2023\/?page_id=1716"},"modified":"2022-01-25T13:45:25","modified_gmt":"2022-01-25T11:45:25","slug":"hacking-and-securing-cloud-infrastructure","status":"publish","type":"page","link":"https:\/\/archive.brucon.org\/2023\/brucon-2023-training\/hacking-and-securing-cloud-infrastructure\/","title":{"rendered":"Hacking and Securing Cloud Infrastructure"},"content":{"rendered":"<div class=\"wpb-content-wrapper\"><h2>Course Description<\/h2>\n<p>This 3-day course cuts through the mystery of Cloud Services (including AWS, Azure and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing a traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical.<\/p>\n<p>This class covers both the theory as well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.<\/p>\n<h2>Course contents<\/h2>\n<p>Prior pentest\/security experience is not a strict requirement; however, some knowledge of Cloud Services and familiarity with common Unix command-line syntax will be beneficial.<\/p>\n<p><strong>INTRODUCTION TO CLOUD COMPUTING<\/strong><\/p>\n<ul>\n<li>Introduction to cloud and why cloud security matters<\/li>\n<li>Comparison with conventional security models<\/li>\n<li>Shared responsibility model<\/li>\n<li>Legalities around Cloud Pentesting<\/li>\n<li>Attacking Cloud Services<\/li>\n<\/ul>\n<p><strong>ENUMERATION OF CLOUD ENVIRONMENTS<\/strong><\/p>\n<ul>\n<li>DNS based enumeration<\/li>\n<li>OSINT techniques for cloud-based assets<\/li>\n<\/ul>\n<p><strong>GAINING ENTRY VIA EXPOSED SERVICES<\/strong><\/p>\n<ul>\n<li>Serverless based attacks (AWS Lambda \/ Azure &amp; Google functions)<\/li>\n<li>Web application Attacks<\/li>\n<\/ul>\n<p><strong>ATTACKING SPECIFIC CLOUD SERVICES<\/strong><\/p>\n<ul>\n<li>Storage Attacks<\/li>\n<li>Azure AD Attacks<\/li>\n<li>IAM Misconfiguration Attacks<\/li>\n<li>Roles and permissions based attacks<\/li>\n<li>Attacking Incognito misconfigurations<\/li>\n<\/ul>\n<p><strong>EXPLOITING KUBERNETES CLUSTERS AND CONTAINER AS A SERVICE<\/strong><\/p>\n<ul>\n<li>Understanding how container technology works<\/li>\n<li>Exploiting docker environments and breaking out of containers<\/li>\n<li>K8s exploitation and breakouts<\/li>\n<li>Exploiting misconfigured containers<\/li>\n<\/ul>\n<p><strong>POST \u2013 EXPLOITATION<\/strong><\/p>\n<ul>\n<li>Persistence in Cloud<\/li>\n<li>Post exploit enumeration<\/li>\n<li>Snapshot access<\/li>\n<li>Backdooring the account<\/li>\n<\/ul>\n<p><strong>AUDITING AND BENCHMARKING OF CLOUD<\/strong><\/p>\n<ul>\n<li>Preparing for the audit<\/li>\n<li>Automated auditing via tools<\/li>\n<li>IaaS Auditing Windows and *nix Environments<\/li>\n<li>Golden Image 
\/ Docker image audits<\/li>\n<li>Relevant Benchmarks for cloud<\/li>\n<\/ul>\n<p><strong>DEFENDING THE CLOUD ENVIRONMENT<\/strong><\/p>\n<ul>\n<li>Identification of cloud assets (AWS, Azure and GCP)<\/li>\n<li>Protection of Cloud Assets<\/li>\n<li>Principle of least privilege<\/li>\n<li>Control Plane and Data Plane Protection<\/li>\n<li>Metadata API Protection<\/li>\n<\/ul>\n<p><strong>DETECTION OF SECURITY ISSUES<\/strong><\/p>\n<ul>\n<li>Setting up Monitoring and logging of the environment<\/li>\n<li>Identifying attack patterns from logs *<\/li>\n<li>Real time monitoring of logs *<\/li>\n<\/ul>\n<p><strong>RESPONSE TO ATTACKS<\/strong><\/p>\n<ul>\n<li>Automated Defense techniques<\/li>\n<li>Cloud Defense Utilities<\/li>\n<li>Validation of Setup<\/li>\n<\/ul>\n<p><strong>PURPLE TEAMING WHERE RED AND BLUE EXCHANGE NOTES <\/strong><\/p>\n<p><strong>CTF TO REINFORCE LEARNING<\/strong><\/p>\n<p>*Demo will be shown by the instructor, Lab time will be provided if time permits. Extended Lab access will be available for 30 days after the class.<\/p>\n<h2>Key Takeaways<\/h2>\n<p>Students will gain knowledge of attacking, exploiting and defending a variety of Cloud infrastructure. First, they will play the part of the hacker, compromising serverless apps,\u00a0cloud machines, storage and database services, dormant assets and resources.\u00a0Students will learn privilege escalation and pivoting techniques specific to cloud environments. This is followed by Infrastructure Defense, secure configuration, auditing, logging, benchmarks.<\/p>\n<p>Students will learn preventive measures against cloud attacks, host-based defense and a number of cloud tools that can help in securing their services and resources. 
Apply the learning to:<\/p>\n<ul>\n<li>Identify weaknesses in cloud deployment<\/li>\n<li>Fix the weaknesses in your cloud deployment<\/li>\n<li>Monitor your cloud environment for attacks<\/li>\n<\/ul>\n<h2>Target audience<\/h2>\n<p>Cloud Administrators, Developers, Solutions Architects, DevOps Engineers, SOC Analysts, Penetration Testers, Network Engineers, security enthusiasts and anyone who wants to take their skills to the next level.<\/p>\n<h2>Student requirements<\/h2>\n<p>Delegates must bring their own laptop and have admin\/root access on it. The laptop must have virtualization software (VirtualBox \/ VMware) pre-installed. A customized version of Kali Linux (ova format) containing custom tools, scripts and VPN scripts for the class will be provided to the students. The laptop should have at least 4 GB RAM and 20 GB of free disk space dedicated for the VM.<\/p>\n<h2><strong>What students will be provided with<\/strong><\/h2>\n<p>Our own customized version of Kali Linux with in-house developed scripts and tools to help with hacking, auditing and securing Cloud.<\/p>\n<h2>Trainer Biography<\/h2>\n<p><strong>Anthony Webb<\/strong> is proud to have been a committed tech geek ever since first learning to code on a BBC Micro at around 6 years old. He has worked in Information Security specifically for the past 6 years and specializes in Infrastructure Security, Cloud Security, Penetration Testing and Red Teaming. 
Anthony works as an Associate Director with NotSoSecure and holds industry recognized accreditations including OSCP, QSTM\/CTM, CREST CRT as well as a number of AWS certifications including Security \u2013 Specialty, Solutions Architect and Developer Associate. He is a trainer for a number of NotSoSecure\u2019s hacking courses ranging from introductory through to advanced and specialist. He is a lead trainer for both the Advanced Infrastructure Hacking (AIH) and Hacking and Defending Cloud courses. Anthony has delivered training at a number of conferences including BlackHat conferences globally, CPX360, BruCON, OWASP AppSec Day, as well as many smaller classroom and in-house groups and live web-based training delivery.<\/p>\n<p><b>Social media<\/b><\/p>\n<ul>\n<li>Twitter : <a href=\"https:\/\/www.twitter.com\/notsosecure\" target=\"_blank\" rel=\"noopener noreferrer\">@notsosecure<\/a><\/li>\n<li>LinkedIn : <a href=\"https:\/\/www.linkedin.com\/company\/notsosecure\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/www.linkedin.com\/company\/notsosecure<\/a><\/li>\n<\/ul>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Course Description This 3-day course cuts through the mystery of Cloud Services (including AWS, Azure and G-Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing a traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":75,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-1716","page","type-page","status-publish"],"_links":{"self":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/1716","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/comments?post=1716"}],"version-history":[{"count":23,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/1716\/revisions"}],"predecessor-version":[{"id":3000,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/1716\/revisions\/3000"}],"up":[{"embeddable":true,"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/pages\/75"}],"wp:attachment":[{"href":"https:\/\/archive.brucon.org\/2023\/wp-json\/wp\/v2\/media?parent=1716"}],"curies":[{"name":
"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}