Current Status

Not Enrolled

Price

from $1000

Get Started

Take this Course
Breaching AWS hands-on security training

The “Breaching AWS” course offers a comprehensive learning experience focused on AWS security through a simulated environment. It’s designed for individuals interested in AWS security concepts, including penetration testers, cloud architects, and security engineers. Participants will learn through hands-on labs about AWS-specific attack methods, cloud misconfigurations, and exploitation techniques.

The course covers a wide range of topics such as AWS reconnaissance, phishing, exploiting misconfigured services, and conducting security audits. Upon completion, participants can earn the Offensive AWS Security Professional (OAWSP) badge, demonstrating their proficiency in AWS security assessments and attack strategies.

Course Content

Introduction
Introduction 2 Topics
Lesson Content
0% Complete 0/2 Steps
Breaching AWS – Rules of Engagement
Breaching TWOCAPITALS
BAWS 00 – Introduction to AWS and AWS Security Services 1 Topic
BAWS 02 – AWS Subdomain Takeover
BAWS 03 – Enumeration & Command Execution via SSM 3 Topics
BAWS 04 – Abuse IAM User Roles, Instance Metadata & SNS 4 Topics
BAWS 05 – Capture Credentials from SNS Service 3 Topics
BAWS 06 – Get Remote Code Execution on a Lambda Function 3 Topics
BAWS 07 – Enumerate and Read Data from DynamoDB 3 Topics
BAWS 08 – Upload Malicious Image into ECR 3 Topics
BAWS 09 – AWS SSO Phishing Attack 3 Topics
BAWS 10 – Enumerate AWS IAM Identity Center Permissions 3 Topics
BAWS 11 – Enumerate AWS IAM Permission & Retrieve Secrets from Secret Manager 3 Topics
BAWS 12 – Utilising Rancher to Gain Shell Access to a Pod 4 Topics
BAWS 13 – Enumerate RDS and Retrieve the Final Flag 2 Topics
Lesson Content
0% Complete 0/2 Steps
BAWS Bonus – AWS Defense 1 Topic
Lesson Content
0% Complete 0/1 Steps