Null offensive hacking hands-on training.

Proposed sessions for this event:

  • First Session by Chandrapal Badshah
  • Second Session by Chandrapal Badshah
  • CTF by Chandrapal Badshah
Note: The session details including schedule are available below.

AWS Exploitation Workshop for Blackbox Pentesters

An immersive 8-hour workshop designed for Blackbox Pentesters looking to enhance their skills in attacking and exploiting AWS resources.
This beginner-friendly session dives deep into AWS security, focusing on identifying and exploiting vulnerabilities in various AWS services.

What You Will Learn

Throughout the workshop, attendees will gain hands-on experience in:
- Enumerating and Reconnaissance: Identifying and mapping AWS resources.
- IAM Misconfigurations: Exploiting flaws in IAM roles and policies.
- S3 Bucket Exploitation: Accessing and exfiltrating data from misconfigured S3 buckets.
- EC2 Instance Attacks: Gaining unauthorized access to EC2 instances.
- Other Common Misconfigurations: Identifying and exploiting other prevalent AWS vulnerabilities.

Capture the Flag (CTF) Event

The workshop will conclude with a Capture the Flag (CTF) event, allowing attendees to apply what they've learned in a simulated AWS environment.
The CTF event will end on the same day, but the labs will remain accessible for 48 hours post-session for further practice.

Ideal Audience

This workshop is best suited for individuals aiming to work on breaking into AWS environments, including:

- Offensive Security Engineers
- Pentesters Specializing in Cloud Security
- Security Engineers
- Technical Cloud Security Consultants

Not Suitable For

  • Red Teamers: This session does not cover advanced attack tactics, defense evasion, C2 hosting, or advanced data exfiltration.
  • Blue Teamers & Defenders: Defensive strategies against these attacks are not covered.
  • Beginners to AWS: Basic understanding of AWS and cloud computing concepts is required.

Requirements for Participation

  • AWS Account: Each attendee must have their own AWS account with root/admin access. Free tier accounts are sufficient.
  • AWS CLI v2: Must be installed on the attendee's system.
  • Hardware: Attendees must bring their own laptops with internet connectivity.
  • Knowledge Base: Basic familiarity with AWS services and concepts like IAM, Lambda, EC2, etc., is needed.
Date Saturday June 01 2024
Chapter Bangalore
Registrations 56
Max Registrations 60
Event Type Invite Only
Start Time 09:00 AM
End Time 07:00 PM

Session Schedule

Name Speaker Start Time End Time Resources
First Session Chandrapal Badshah 10:00 AM 01:00 PM
Lunch 01:00 PM 02:00 PM
Second Session Chandrapal Badshah 02:00 PM 04:00 PM
CTF Chandrapal Badshah 04:00 PM 06:00 PM

Venue


This is an invite only event. If you are selected you will receive further information via e-mail.