Course Overview | Hacking Cloud Infrastructure
Master the latest techniques in cloud security with this 2-day hands-on course. Designed for cloud administrators, penetration testers, and IT professionals, this training offers practical skills in exploiting vulnerabilities and securing environments like AWS and Azure. With 70% lab-based exercises and real-world scenarios, participants will enhance their ability to identify and remediate risks in cloud systems.

As cloud innovation gives birth to new technologies and new threats, now is the time to modernize your cloud security skills and bring them up to the industry standard. Join this hands-on, 2-day course to push your cloud hacking and vulnerability remediation skills to the next level and widen your career prospects. Get your hands dirty with our popular virtual labs and learn from experienced, practicing penetration testers with a legacy of training at Black Hat.
Who it’s for • Cloud administrators and architects • Penetration testers and red teamers • CSIRT/SOC analysts and engineers/blue teams • Developers • Security/IT managers and team leads
This course is suitable for anyone with a stake or interest in cloud security, from technical practitioners to decision makers. The syllabus has been designed to cover the latest vulnerabilities and advances in hacking, as well as the skills to penetration test cloud systems and environments and remediate vulnerabilities.
Hacking Cloud Infrastructure BY
2 day class
Delegates must have the following to make the most of the course: • Basic to intermediate knowledge of cyber security (1.5+ years’ experience). • Experience with common command line syntax.
Top 3 takeaways • Exploitation techniques to gain cloud entry via exposed services. • Post-exploitation techniques to enumerate systems and achieve exfiltration. • Methods for defending different cloud environments.
What you’ll learn This course uses a Offense methodology based on real world offensive research (not theory). That means everything we teach has been tried and tested on live environments and in our labs and can be applied once the course is over. By the end, you’ll know how to: • Think and behave like an advanced, real-world threat actor. • Identify and exploit complex vulnerabilities and security misconfigurations in AWS, Microsoft Azure. • Design your penetration tests around real-world attacker behaviors and tooling, making it relevant to the threats facing your organization. • Identify the attack surface exposure created by cloud-based services such as virtual machines (VMs), buckets, container as a service (CaaS) platforms, and serverless functions.
What you’ll be doing You’ll be learning hands on: • Spending most of the session (~70%) on lab-based exercises. • Using lab-based flows to explore and hack lifelike cloud environments. • Exploiting different cloud and container environments. • Competing in a Capture the Flag (CTF) challenge to test your new skills. • Discussing case studies with your course leader to understand the real-world impact of the hacks covered.
IntermediateGet Certified
H A C K I N G P O I N T
Why it’s relevant The cyber security skills shortage is felt perhaps nowhere as deeply as in the cloud. With new rulebooks and standards, practitioners often find themselves playing catch up with the latest developments in technology and in the threat landscape. This course is designed to be a highly informative bootcamp to help you advance your skills in the most important and relevant areas of cloudsec. Across two days, you’ll learn about the high-impact vulnerabilities and flaws that could be open in your organization right now and how to fix them. Our syllabuses are revised regularly to reflect the latest in-the-wild hacks, the newest system releases, and whatever proof of concepts we’ve been developing in our own research. Because they remain so up to date with the threat landscape and security industry standard, many delegates return every 1-2 years to update their skills and get a refresh.
What’s in the syllabus Note: our syllabuses are subject to change based on new vulnerabilities found and exploits released.
Day 1: INTRODUCTION TO CLOUD COMPUTING • Introduction to the cloud and why cloud security matters • Comparison with conventional security models • Shared responsibility model • Legalities around Cloud Pentesting • Attacking Cloud Services
ENUMERATION OF CLOUD ENVIRONMENTS • DNS-based enumeration • OSINT techniques for cloud-based asset identification • Username Enumeration
GAINING ENTRY VIA EXPOSED SERVICES
• Serverless-based attacks (AWS lambda) • PaaS Attack: SSRF Exploitation over AWS ElasticBeanStalk • IaaS Attack: Gaining Database Access
ATTACKING STORAGE SERVICES (AWS, AZURE, GCP) • Exploring files storage • Exploring SAS URLs in Azure • Exploit Misconfigured Storage Service
ATTACKING AZURE AD ENVIRONMENT • Introduction to Azure • Azure application attacks (App Service, Function App, Enterprise Apps)
Day 2: AZURE SECTION CONTINUE • Abuse Azure Service Principle Misconfiguration • Azure AD Authentication Methods
AWS: SERVICES MISCONFIGURATION • Attacking AWS Incognito Misconfiguration
AWS IDENTITY AND ACCESS MANAGEMENT • AWS: Identity and Access Management • AWS IAM Policies and Roles • IAM Policy Evaluation • Roles and Permissions-Based Attacks • Shadow Admin Attacks • AWS IAM Access Analyzer
CONTAINERS AS A SERVICE AND K8S EXPLOITATION • Understanding how container technology works (namespaces, cgroup, chroot) • From docker to Kubernetes • Identifying vulnerabilities in docker images • Exploiting misconfigured containers • Exploiting docker environments and breaking out of containers • Exploring Kubernetes (k8s) environments • K8s exploitation and breakouts • Pivoting to host OS
BONUS EXERCISES DURING EXTENDED LAB PERIOD • Azure MFA Bypass • Azure Privilege Escalation • Azure Dynamic Group Misconfiguration
H A C K I N G P O I N T
CAPTURE THE FLAG • A timed competition to test your new skills and reinforce everything you’ve learnt.
Course highlights What delegates love:
• Our labs: probably the biggest selling point for our courses. Not only will you spend most of the course hacking hands-on in a lifelike web environment, you’ll also have 30+ days access to practice your new skills afterwards. • Individual access: you’ll have your own infrastructure to play with, enabling you to hack at your own speed. • Real-world learning: where many leading cyber security training courses are based on theory, our scenario-led, research-based approach ensures you learn how real threat actors think and act. • Specialist-led training: you’ll learn from highly skilled and experienced practicing penetration testers and red teamers. • Up-to-date content: our syllabus remains so relevant, delegates come back year after year for more. • Remediations included: you’ll learn how to fix as well as find vulnerabilities • Course topics: our Kubernetes module is a favorite.
What you’ll get • Certificate of completion • 30 days lab access post-course completion (with the opportunity to extend) • 8 Continuing Professional Education (CPE) credits awarded per day of training fulfilled. • Learning pack, including question & answer sheets, setup documents, and command cheat sheets
Outcomes for budget holders This course is designed to bring your organisation’s infrastructure security testing competency up to an advanced industry standard, helping you:
• Lower the likelihood of security incidents by identifying weaknesses in your cloud infrastructure. • Improve your understanding of the organization’s risk posture based on the frequency and severity of weaknesses identified. • Improve the organization’s approach to access control management. • Create a stronger case for securing software development, cloud deployment, and governance practices. • Develop a secure cloud roadmap that balances growth and risk. • Implement cloud-based attack detection and response tactics. • Build a closer relationship between development and security teams. • Internally pentest new tools and systems before making an investment. • Nurture and retain passionate, highly skilled, and security conscious employees. • Demonstrate commitment to security through training, compliance, and change management. • Develop the organization’s competitive advantage for security-conscious customers.
H A C K I N G P O I N T