Cloud Penetration Testing Video Course Tools & PDF Guides DOWNLOAD
 
Size : 17.8 GB
 
 
Video Course 
 
 
1. Discovery Recon and Architecture at Scale
 
1. Course Introduction and Attacking the Cloud
2. Cloud Assessment Methodology
3. Infrastructure Cloud Components
4. Terms of Service and Demarcation Points
5. Recon at Cloud Scale
6. Domain and Host Discovery Tools
7. Scaled Host and Port Discovery
8. Finding Secrets and Keys within Repositories
9. Exposed Databases and Configuration Flaws
10. Using Tools to Quickly Assess Environments
11. Asset Discovery Services and Applications
 
 
2. Mapping Authentication and Cloud Services
 
1. Mapping Process
2. Postman
3. AWS CLI
4. URLs and URIs
5. Mapping Subdomains and Routes
6. AWS IAM
7. AWS IAM Privilege Escalations
8. AWS KMS
9. AWS Lambda
10. Introduction to PACU
 
 
3. Azure and Windows Services in the Cloud
 
 
1. Microsoft Cloud Services
2. Microsoft Identity Services
3. Web Authentications
4. Golden SAML Attacks
5. Azure Files and Services
6. Azure Compute
7. Azure Functions
8. Code Execution on Azure
9. Windows Containers
10. Mimikatz
11. Microsoft Graph
12. Conclusion
 
 
4. Vulnerabilities in Cloud Native Applicatons
 
1. Introduction to Cloud Native Applicatons
2. Cloud Native Applications
3. Deployment Pipelines and Attacks
4. Ngrok and Connecting to External Sources
5. Web Application Injections
6. ServerSide Request Forgeries
7. Command Line Injections in Applications
8. Serverless Function Attacks with Lambda
9. SQL Injection in a Hosted Environment
10. Containers and Microservices
11. Kubernetes and Service Meshes
 
 
5. Exploitation and Red Team in the Cloud
 
1. Red Team Exploitation
2. Payloads and Payload Selections
3. Red Team Ops in the Cloud
4. Backdooring Containers
5. Data Pivots and Moving Data
6. Username Harvesting
7. Password Attacks
8. Password Attack Types and Methodology
9. Obfuscating Architectures
10. Redirections with OS Tools
11. Class Conclusions
 
6. Capstone Event
 
1. Capstone Event
 
 
PDF
 
File:SEC588 Book.pdf
File:SEC588 Workbook.pdf
 
 
USB
 
File:588 Lab Info.txt
File:588.20.2.iso
File:SANS USB ISO DOWNLOAD HINTS AND EXPECTATIONS.pdf
File:SANS USB ISO MOUNT GUIDE.pdf
File:SEC588 - Lab Setup Instructions.pdf
File:SEC588_OD_QuickStartGuide_F02_02.pdf
File:VMware+Software+License+Handout_Rev200407.pdf
 
 
Video Course 
 
 
1. Discovery Recon and Architecture at Scale
 
1. Course Introduction and Attacking the Cloud
2. Cloud Assessment Methodology
3. Infrastructure Cloud Components
4. Terms of Service and Demarcation Points
5. Recon at Cloud Scale
6. Domain and Host Discovery Tools
7. Scaled Host and Port Discovery
8. Finding Secrets and Keys within Repositories
9. Exposed Databases and Configuration Flaws
10. Using Tools to Quickly Assess Environments
11. Asset Discovery Services and Applications
 
 
2. Mapping Authentication and Cloud Services
 
1. Mapping Process
2. Postman
3. AWS CLI
4. URLs and URIs
5. Mapping Subdomains and Routes
6. AWS IAM
7. AWS IAM Privilege Escalations
8. AWS KMS
9. AWS Lambda
10. Introduction to PACU
 
 
3. Azure and Windows Services in the Cloud
 
 
1. Microsoft Cloud Services
2. Microsoft Identity Services
3. Web Authentications
4. Golden SAML Attacks
5. Azure Files and Services
6. Azure Compute
7. Azure Functions
8. Code Execution on Azure
9. Windows Containers
10. Mimikatz
11. Microsoft Graph
12. Conclusion
 
 
4. Vulnerabilities in Cloud Native Applicatons
 
1. Introduction to Cloud Native Applicatons
2. Cloud Native Applications
3. Deployment Pipelines and Attacks
4. Ngrok and Connecting to External Sources
5. Web Application Injections
6. ServerSide Request Forgeries
7. Command Line Injections in Applications
8. Serverless Function Attacks with Lambda
9. SQL Injection in a Hosted Environment
10. Containers and Microservices
11. Kubernetes and Service Meshes
 
 
5. Exploitation and Red Team in the Cloud
 
1. Red Team Exploitation
2. Payloads and Payload Selections
3. Red Team Ops in the Cloud
4. Backdooring Containers
5. Data Pivots and Moving Data
6. Username Harvesting
7. Password Attacks
8. Password Attack Types and Methodology
9. Obfuscating Architectures
10. Redirections with OS Tools
11. Class Conclusions
 
6. Capstone Event
 
1. Capstone Event