AWS IAM Privilege Escalation Labs

Learn first-hand how attackers exploit IAM misconfigurations in AWS with tactics pulled from real case studies. This course is entirely made up of 🧪 Hands-On Labs with different scenarios that will teach you how to exploit some of the most dangerous IAM privilege escalation weaknesses. The final section is made up of Challenges that will test your new skills and knowledge by providing vulnerable environments for you to capture the flag with limited information and hints. Good luck and have fun!

Christophe · November 19, 2023

Testimonials

“This course not only taught me how to think like an attacker, but also how easy it is to escalate privileges if excessive IAM permissions are present in the cloud. I honestly loved it and recommend it 100%!” – Mariana Arce Aguilar (Cybersecurity Engineer)

“I thoroughly enjoyed every aspect of this course. The content was engaging and well-structured, and I particularly appreciated the approach it took. Both challenges provided were not only interesting but also highly stimulating. I would strongly recommend this course to anyone interested in AWS Pentesting.” – Revanth (Security Engineer II)

“I just wanted to say that Challenge 2 was absolutely fantastic! It’s evident that a lot of thought and effort went into crafting it. I really appreciated how it encompassed various learning strategies and commands. One of the standout features for me was how comprehensively it tackled IAM enumeration recon. A quick tip for fellow students: It’s super beneficial to create your own notes on AWS CLI commands. Not only will it assist you in cracking Challenge 1, but it’s especially handy for navigating through Challenge 2.” – Ritesh

“Great course Christophe, I really loved the challenges and lab. I was initially planning to study for AWS Certified Security Specialty exam, but it occurred to me that I should first learn attacking AWS which led me to this platform. I must say that after doing these courses and labs, my knowledge has not only increased in the offensive side, but also on how we can secure our accounts by adding multiple layers of access controls like Permission Boundaries, Resource Based Policies, SCPs etc.” – 1llus1on

Who is it for?

Anyone interested in learning about AWS IAM security. Red teamers and blue teamers will pick up new skills they can apply directly on the job to find weaknesses and misconfigurations, and to be able to demonstrate impact. Relevant roles include:

  • Cloud penetration testers
  • Security researchers
  • Cloud Architects
  • Cloud Security Engineers
  • DevSecOps roles and teams

What will you learn?

  • AWS IAM Enumeration and Reconnaissance
  • How to identify cloud misconfigurations
  • Lateral movement and pivoting in the AWS cloud

What makes this course different

100% 🧪 Hands-On Labs and Practical: This course is the definition of practical learning and is made up entirely of Hands-On Labs. Each section has a deployable learning lab with a specific scenario for you to complete that will teach you a practical and real-world IAM vulnerability exploit. The final section is made up of Challenges, which are labs that test your new skills and knowledge. Most training platforms do not offer this many AWS IAM security labs, or labs at this level, because of the risks involved. This is our specialty.

About the Course

Number of labs: 15 learning labs and 2 challenge labs

Difficulty: Beginner to Intermediate. The labs start off easy and become a little bit more advanced as we go along, which is great for people interested in getting started with AWS pentesting and security research.

Recommended pre-requisites: You should have the AWS CLI installed (or the know-how to install it), and you should already have an AWS account, even though you won’t need it for this course since we provide the environments. We recommend a decent understanding of AWS IAM (you know what users, groups, roles, and permissions are). If you’ve never used AWS before, this is not the course to start with; we would instead recommend starting with our Introduction to AWS Security course, or maybe even the AWS Cloud Practitioner if you have limited prior AWS experience.

About the Author

This course was created, developed, and published by Christophe Limpalair. Christophe is the founder and an author at Cybr, where he’s published many courses on ethical hacking topics. Over the past 8 years, Christophe has taught multiple AWS courses including associate and professional-level AWS certification courses, and helped tens of thousands of learners get certified. He also helped pioneer, develop, maintain, and secure Linux Academy’s Hands-On Labs and Assessments technology, which ran with a $1m+ budget on AWS and has since become the lab platform used by Pluralsight.

Christophe now develops Cybr’s Hands-On Labs. Unlike most organizations, which work hard to keep outsiders out of their AWS environments, Cybr openly invites learners to dive into our AWS accounts and ‘hack away!’ This demands a high level of technical expertise to create hyper-realistic scenarios while keeping our environments safe and controlled. In this course, he shares his deep knowledge of AWS IAM and privilege escalation attacks, guiding you on how to identify privilege escalation paths and secure your own AWS resources and environments.

Hall of Fame

🎉 The first person to successfully complete and solve both of the Challenges in this course:

Course Content

  • Introduction
  • Introduction to AWS Enumeration
  • iam:CreateAccessKey
  • iam:CreateLoginProfile
  • iam:UpdateLoginProfile
  • iam:SetDefaultPolicyVersion
  • iam:AddUserToGroup
  • iam:AttachUserPolicy
  • iam:AttachGroupPolicy
  • iam:PutUserPolicy
  • iam:PutGroupPolicy
  • iam:AttachRolePolicy
  • iam:PutRolePolicy
  • Challenges
  • Conclusion

Course Includes

  • 36 Lessons