Multi-Cloud-Security [Beginner Edition]


Enterprises across the globe are moving to cloud technology. Gaining the technical understanding, and bearing the enormous cost, of rewriting infrastructure and applications to re-platform them for the cloud is a difficult task. Misunderstanding or insufficient knowledge of the new cloud concepts offered by leading Cloud Service Providers such as AWS, Microsoft Azure and GCP has introduced multiple loopholes that threat actors easily identify and exploit to abuse the organization's infrastructure.

The CyberWarFare Labs workshop on “Multi-Cloud Security” aims to give trainees insight into the offensive and defensive techniques used by Red Teamers and Blue Teamers in an Enterprise Cloud Infrastructure.

As an Attacker, the trainee will not only understand advanced Real-World Cyber Attacks against major Cloud Vendors like AWS, Microsoft Azure and GCP, but also practically simulate, in the lab environment, the Tactics, Techniques and Procedures (TTPs) widely used by APT groups.

As a Defender, the trainee will understand various emerging threats and take a practical approach to defending and securing the Hybrid Multi-Cloud Infrastructure. They will also gain a practical understanding of widely used Cloud Security Solutions like AWS GuardDuty, Azure Security Centre and GCP Security Command Centre.

Course Content

Day 1

Part-1 : Introduction about Multi Cloud Environment
  • Module-1 : Azure Cloud Environment
    • Azure Identity : Azure AD & RBAC
    • O365 / Microsoft 365
    • Long range : GSM
    • Azure Cloud Services (VM, Storage, IaaS, PaaS, SaaS)
  • Module-2 : AWS Cloud Environment
    • Identity & Access Management
    • AWS Cloud Services (IaaS, PaaS, SaaS)
    • AWS SSO
  • Module-3 : GCP Cloud Environment
    • GCP Identity & Access Management
    • GCP Cloud Services (IaaS, PaaS, SaaS)
    • Long range : GSM
    • Google Suite / Workspace + Cloud Identity
Part-2 : Enumeration & Initial Access on Cloud Infrastructure
  • Module-1 : Unauthenticated Enumeration
    • Enumerating Information from DNS Records
    • Enumerating Information from Cloud Vendors
    • Leaked secrets from GitHub
    • Enumerating storage & other information from OSINT
  • Module-2 : Initial Access
    • Exploiting Cloud Services
    • Leaked Credentials
    • Compromising CI/CD pipeline
    • Compromising storage accounts
  • Module-3 : Authenticated Enumeration
    • AWS Services
    • AAD, O365, Azure Services
    • Cloud Identity, Google Workspace, GCP Services

Day 2

Part-3 : Exploiting Hybrid Multi-Cloud Services
  • Module-1 : Exploiting Hybrid Multi-Cloud Services
    • AWS : cross account, within account
    • Azure : service principal, cross tenant, AAD
    • GCP : Access organization, Cloud Identity
    • Hybrid - On-Premise AD
  • Module-2 : Privilege Escalation
    • Elevating Privileges on AWS
    • Elevating Privileges on Azure
    • Elevating Privileges on GCP
Part-4 : Lateral Movement
  • Module-1 : Within Multi-Cloud
    • AWS, GCP, Azure to each other
Part-5 : Case Study
  • Red Teaming in Simulated Lab
    • (Initial Access to Data Exfiltration)

Hands-on labs :

    Candidates will get Module Wise Custom Terraform Scripts to practice under their own account

    *Candidates will get FULL 7 Days Lab Access (CyberWarFare Labs Account) on the 2nd day after training which comes with technical support.

    Hybrid Multi-Cloud Simulated Lab Architecture:

    Why should people attend your course?

    • Practically Understand Enterprise Grade Red Team Operation Methodology in Multi-Cloud Environment
    • Perform Red Team Attack Cycle in Simulated Enterprise Environment
    • Stealth Lateral Movement Techniques in Multi-Cloud, Cloud to on-premise & vice-versa
    • Core Services Mapping / Enumeration / Exploitation
    • Create custom tools to perform manual enumeration

    Student Requirements :

    • Fair Knowledge of Networking and Web Technology
    • Familiarity with CLI
    • An open mind

    *No prior Cloud knowledge is required.

    Who Should Take This Course ?

    • Penetration Testers / Red Teams
    • Cloud Security Professionals
    • Cloud Architects
    • SOC analysts
    • Threat Hunting Team
    • Last but not least, anyone who is interested in strengthening their offensive and detection capabilities in Cloud

    How many years of practical experience would the ideal student have to get most out of this training?

    • Minimum 1-3 years in Penetration Testing Domain.

    What Students Should Bring?

    • System with at least 16GB RAM
    • Updated Web Browser
    • Parrot OS VM With Internet Connectivity

    What Students Will Be Provided With?

    • Soft Copy of the Course Content.
    • Great Knowledge about the Offensive Cloud Techniques used by adversaries.
    • Defense Tactics & Techniques against the discussed offensive techniques.
    • 7 days full lab access with technical support during & after the workshop
    • Custom automated scripts to set up lab scenarios.

    Social Media Handle?

    • CyberWarFare Labs: @cyberwarfarelab
    • Yash Bharadwaj: @flopyash
    Manish Gupta

    Manish Gupta is the Director of CyberWarFare Labs and has 6.5+ years of expertise in offensive Information Security, where he specializes in Red Teaming activities in enterprise environments. His research interests include Real World Cyber Attack Simulation and Advanced Persistent Threats (APT). Previously he has presented his research at reputed conferences like Blackhat USA, DEFCON, Nullcon, c0c0n, BSIDES Chapters, X33fcon and NorthSec, as well as at other corporate trainings.

    Yash Bharadwaj

    Yash Bharadwaj is Co-Founder & Technical Architect at CyberWarFare Labs, with over 5.5 years of experience as a technologist. He is highly attentive towards finding, learning, and discovering new TTPs used during offensive engagements. His areas of interest include building Red / Blue team infrastructure, evading AVs & EDRs, pwning on-prem infrastructure and multi-cloud attacks. Previously he has delivered hands-on red/blue/purple team trainings, talks and workshops at Nullcon, X33fCon, c0c0n, NorthSec, BSIDES Chapters, OWASP, CISO Platform, and YASCON. You can reach out to him on Twitter @flopyash.