Hands-On Labs Added December 2024: Red Team and Blue Team
Better late than never! With the holidays being so busy, we forgot to post about our December 2024 Hands-On Lab releases. Let’s take a look.
They include labs in 3 primary categories:
- Foundational (Helpful Tools)
- Blue Team
- Red Team
Generate IAM Credentials Reports

Learn how to generate an IAM Credentials Report, which is a built-in AWS tool that provides information about users and user authentication in an AWS account. The report lists all users, their creation dates, and details about their authentication methods including passwords, access keys, and MFA devices, along with timestamps of when these credentials were last used. While reviewing the report, consider what specific security recommendations you would make based on your findings. This lab environment provides AWS Console, CLI, and CloudShell access.
Access Secrets Manager via Lambda Function with LFI

Exploit a Lambda function’s LFI injection vulnerability to compromise a web application, gaining unauthorized access to Secrets Manager. Capture the flag by retrieving the secret value.
Convert CLI credentials into AWS Console access with AWS Consoler

Have you ever had temporary credentials from assuming a role or long-term AWS credentials like an access key and struggled to log in to the AWS Management Console? AWS_Consoler is an open source tool that simplifies the process by generating an AWS console sign-in link from API/CLI credentials using the federation endpoint. In this lab, you’ll receive credentials and learn how to use AWS_Consoler with both IAM user access keys and IAM role temporary credentials.
Query IAM Credentials Reports with Steampipe

Explore how to leverage Steampipe for querying AWS IAM Credential Reports effectively. The lab demonstrates how to generate credential reports via AWS CLI and then use Steampipe’s SQL-like interface to extract actionable security insights. You will learn to write queries that identify root account usage, MFA status, and IAM users with active access keys and console passwords. This practical exercise bridges the gap between raw credential reports and meaningful security analysis.
Responses