Workshop: Deep Dive into Cloud Security

Speaker 1

Abstract

Cloud services are the new favorite of attackers. AWS holds a large part of these cloud services. The speakers are going to conduct a hands-on workshop on techniques to conduct security assessments on the AWS environment.


  • Key learning objectives
    • Enumerating AWS running services
    • Testing S3 bucket configuration and permission flaws
    • EC2 instance and application exploitation
    • Pentesting Lambda functions
  • Utilities/Software Requirements
    • Python
    • AWS CLI (https://aws.amazon.com/cli/)
    • PACU (https://github.com/RhinoSecurityLabs/pacu)
    • Scout suite (https://github.com/nccgroup/ScoutSuite)
    • s3 scanner (https://github.com/sa7mon/S3Scanner)
  • System Requirements
    • Linux OS
  • Hardware Requirements
    • Laptop (Min. 8GB RAM)

Mr. Jaimin gohel is Manager - Professional services at Net square, Chapter lead of null Ahmedabad - null is India's largest Open Security Community. He has worked on various projects of vulnerability assessment and penetration testing apart from that he is speaker at various technical events.