Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore advanced techniques for pivoting and escalating privileges in Amazon Web Services (AWS) environments in this Black Hat conference talk. Learn about various AWS components including EC2, SQS, IAM, RDS, meta-data, and user-data, as well as how to exploit misconfigurations to gain unauthorized access to operating systems, databases, application source code, and Amazon's services through its API. Follow a step-by-step demonstration of how an attacker can progress from exploiting an initial web application vulnerability to ultimately compromising the root account of an Amazon user. Discover cloud-specific vulnerabilities and weaknesses, and gain insights into tools that can enumerate AWS service access, create new AWS users, extract credentials, clone databases, and inject malicious tasks. Understand the intricacies of AWS security and learn how to better protect your cloud infrastructure against potential threats.
