Trekking the cloud

Hacking in Amazon Web Services

• Describing AWS, its architecture, and some best practices

• Abusing AWS authentication types

• Leveraging attacker tools to enumerate and look for backdoors

• Building ongoing persistence on EC2 Compute through backdooring AWS

Hacking in Azure

• How the Azure control plane and data plane work in relation to us breaking in

• How we can find Microsoft identities on Azure AD and take the accounts over

• How the system-assigned managed identities in Microsoft work and how can we use them

Hacking containers

• Linux containers

• Applications, specifically Docker

• Container security

• Kernel capabilities

Hacking on Kubernetes

• Kubernetes architecture

• Fingerprinting Kubernetes API Servers

• Getting access to Kubernetes internals

• Moving laterally