Pular para o conteúdo principal

Cloud Penetration Testing

65 hours 9 Modules 25+ Labs Intermediate to Advanced

Course Description

Cloud environments present unique attack surfaces. This course covers AWS, Azure, and GCP security testing, focusing on misconfigurations, IAM attacks, and cloud-native exploitation techniques.

Learning Objectives

By the end of this course, you will be able to:

  1. Enumerate cloud environments and identify assets
  2. Exploit IAM misconfigurations across cloud providers
  3. Attack serverless functions and containers
  4. Pivot through cloud networks
  5. Exfiltrate data from cloud storage
  6. Report cloud security findings professionally

Course Structure

Modules

Module 1: Cloud Security Fundamentals (6h)

  • Cloud service models (IaaS, PaaS, SaaS)
  • Shared responsibility model
  • Cloud attack surface
  • Identity and Access Management basics
  • Cloud networking concepts

Module 2: AWS Penetration Testing (10h)

  • AWS enumeration techniques
  • S3 bucket misconfigurations
  • IAM privilege escalation
  • Lambda exploitation
  • EC2 metadata attacks
  • SSM and secrets abuse
  • CloudTrail evasion

Module 3: Azure Penetration Testing (10h)

  • Azure AD enumeration
  • Azure RBAC attacks
  • Blob storage exploitation
  • Azure Functions attacks
  • Managed identity abuse
  • Key Vault exploitation
  • Azure AD Connect attacks

Module 4: GCP Penetration Testing (8h)

  • GCP enumeration
  • Cloud Storage misconfigurations
  • IAM privilege escalation
  • Cloud Functions exploitation
  • Service account abuse
  • GKE attacks

Module 5: Multi-Cloud Attacks (6h)

  • Cross-cloud pivoting
  • Federated identity attacks
  • Cloud-to-on-prem attacks
  • Hybrid environment exploitation

Module 6: Container Security (8h)

  • Docker security testing
  • Kubernetes penetration testing
  • Container escape techniques
  • Registry vulnerabilities
  • Service mesh attacks

Module 7: Serverless Security (6h)

  • Function enumeration
  • Event injection attacks
  • Cold start exploitation
  • Dependency vulnerabilities
  • Serverless privilege escalation

Module 8: Cloud Data Exfiltration (5h)

  • Storage enumeration
  • Data classification discovery
  • Exfiltration techniques
  • DLP bypass
  • Covert channels in cloud

Module 9: Reporting & Compliance (6h)

  • Cloud pentest reporting
  • CIS benchmarks
  • Compliance mapping
  • Remediation guidance
  • Cloud security posture management

Tools

ToolPurpose
PacuAWS exploitation
ScoutSuiteMulti-cloud auditing
ProwlerAWS security
AzureHoundAzure AD enumeration
CloudMapperAWS visualization
TrivyContainer scanning
Ethical Use Only

Cloud penetration testing requires explicit authorization from the cloud provider and account owner.

Quick Navigation