Trekking the cloud

Hacking in Amazon Web Services

  • Describing AWS, its architecture, and some best practices

  • Abusing AWS authentication types

  • Leveraging attacker tools to enumerate and look for backdoors

  • Building ongoing persistence on EC2 Compute through backdooring AWS

Hacking in Azure

  • How the Azure control plane and data plane work in relation to us breaking in

  • How we can find Microsoft identities on Azure AD and take the accounts over

  • How the system-assigned managed identities in Microsoft work and how can we use them

Hacking containers

  • Linux containers

  • Applications, specifically Docker

  • Container security

  • Kernel capabilities

Hacking on Kubernetes

  • Kubernetes architecture

  • Fingerprinting Kubernetes API Servers

  • Getting access to Kubernetes internals

  • Moving laterally