Null offensive hacking hands-on training.
Proposed sessions for this event:
- First Session by Chandrapal Badshah
- Second Session by Chandrapal Badshah
- CTF by Chandrapal Badshah
AWS Exploitation Workshop for Blackbox Pentesters
An immersive 8-hour workshop designed for Blackbox Pentesters looking to enhance their skills in attacking and exploiting AWS resources.
This beginner-friendly session dives deep into AWS security, focusing on identifying and exploiting vulnerabilities in various AWS services.
What You Will Learn
Throughout the workshop, attendees will gain hands-on experience in:
- Enumerating and Reconnaissance: Identifying and mapping AWS resources.
- IAM Misconfigurations: Exploiting flaws in IAM roles and policies.
- S3 Bucket Exploitation: Accessing and exfiltrating data from misconfigured S3 buckets.
- EC2 Instance Attacks: Gaining unauthorized access to EC2 instances.
- Other Common Misconfigurations: Identifying and exploiting other prevalent AWS vulnerabilities.
Capture the Flag (CTF) Event
The workshop will conclude with a Capture the Flag (CTF) event, allowing attendees to apply what they've learned in a simulated AWS environment.
The CTF event will end on the same day, but the labs will remain accessible for 48 hours post-session for further practice.
Ideal Audience
This workshop is best suited for individuals aiming to work on breaking into AWS environments, including:
- Offensive Security Engineers
- Pentesters Specializing in Cloud Security
- Security Engineers
- Technical Cloud Security Consultants
Not Suitable For
- Red Teamers: This session does not cover advanced attack tactics, defense evasion, C2 hosting, or advanced data exfiltration.
- Blue Teamers & Defenders: Defensive strategies against these attacks are not covered.
- Beginners to AWS: Basic understanding of AWS and cloud computing concepts is required.
Requirements for Participation
- AWS Account: Each attendee must have their own AWS account with root/admin access. Free tier accounts are sufficient.
- AWS CLI v2: Must be installed on the attendee's system.
- Hardware: Attendees must bring their own laptops with internet connectivity.
- Knowledge Base: Basic familiarity with AWS services and concepts like IAM, Lambda, EC2, etc., is needed.
| Date | Saturday June 01 2024 |
|---|---|
| Chapter | Bangalore |
| Registrations | 56 |
| Max Registrations | 60 |
| Event Type | Invite Only |
| Start Time | 09:00 AM |
| End Time | 07:00 PM |
Session Schedule
| Name | Speaker | Start Time | End Time | Resources |
|---|---|---|---|---|
| First Session | Chandrapal Badshah | 10:00 AM | 01:00 PM | |
| Lunch | 01:00 PM | 02:00 PM | ||
| Second Session | Chandrapal Badshah | 02:00 PM | 04:00 PM | |
| CTF | Chandrapal Badshah | 04:00 PM | 06:00 PM | |