Back to Course
Pentesting AWS Environments with Pacu, CloudGoat, and ChatGPT
0% Complete
0/0 Steps
-
Introduction
About the course and author -
About using CloudGoat, Pacu, and ChatGPT
-
Who this course is for
-
Important quick note on AWS resource pricing
-
[LAB] Create a billing alert to avoid surprise bills
-
We want your feedback
-
Setting up our lab environmentRead this before installing Pacu/CloudGoat!
-
[DEMO] Pacu [Option #1] Install with pip [Recommended]
-
[DEMO] Pacu [Option #2] Use with Docker
-
[DEMO] CloudGoat [Option #1] Install with Git
-
[DEMO] CloudGoat [Option #2] Running with Docker
-
[DEMO] Configuring AWS access credentials for CloudGoat
-
[DEMO] Configuring AWS access credentials
-
Getting started with PacuPacu Quick Start Guide
-
IAM Privilege Escalation by Misconfiguration (Small / Easy)Scenario overview
-
[DEMO] Admin privilege escalation demonstration
-
[DEMO] Cleaning up our lab environment
-
Vulnerable Lambda (Small / Easy)Scenario overview
-
[DEMO] Creating our lab environment
-
[DEMO] Exploiting vulnerable Lambda functions for admin access
-
[DEMO] Cleaning up our lab environment
-
[Cheat Sheet] Solution steps (CLI)
-
[LAB] [CTF] Lambda SQLi PrivEsc to Access Secret
-
IAM Privilege Escalation by Rollback (Small / Easy)Scenario overview
-
[DEMO] Exploiting IAM versions
-
[DEMO] Cleaning up our lab environment
-
[Cheat Sheet] Solution steps (CLI)
-
[LAB] [CTF] PrivEsc via IAM Version Rollback
-
Cloud Breach via S3 (Small / Moderate)Scenario walkthrough
-
[LAB] [DEMO] Exploiting EC2 to reach S3
-
Preventing this exploit
-
Cleaning up our lab environment
-
[Cheat Sheet] Solution steps (CLI)
-
IMDSv2 Compromise (SMALL / MODERATE)Scenario walkthrough
-
[LAB] Compromise EC2 IMDSv2 with RCE
-
[Cheat Sheet] Solutions Steps (CLI)
-
ECS Takeover (Medium / Moderate)Scenario walkthrough
-
[DEMO] ECS RCE exploit to get credentials
-
[DEMO] ECS Takeover
-
[DEMO] Cleaning up our lab environment
-
[Cheat Sheet] Solution steps (CLI)
-
Wrap-up and Key TakeawaysWhat's next?
-
We want your feedback
Responses