0wning the Cloud - AWS, Azure, GCP, DigitalOcean and Aliyun

The modern digital ecosystem relies on cloud-hosted infrastructures,
often invisible to users. Securing these environments requires an
understanding of how attackers exploit generic weaknesses in cloud
services. This course provides a comprehensive view of cloud security
from an attacker's perspective, demonstrating how APIs,
misconfigurations, and small vendor-specific quirks enable privilege
escalation and lateral movement across cloud platforms.

This course covers a wide array of cloud vendors---AWS, Azure, GCP,
DigitalOcean, and Alibaba Cloud. While each cloud has unique quirks,
many attack techniques are generic, focusing on API interactions and
security gaps rather than deep specialization. By comparing and
contrasting services like storage or function-as-a-service across
platforms, students gain clarity on which attacks are universal and
where specifics come into play.

With the provided Terraform scripts, students will deploy custom-built
applications in their own cloud environments. This approach enables
challenges that are too complex for shared environments, including
scenarios escalating to IAM owner-level privileges.

Key questions that we will answer:

- How can I enumerate S3 permissions remotely without credentials?

- Can I identify the owner of an exposed bucket?

- How do generic attacks like SSRF abuse IMDSv2 across providers?

- What are the universal misconfigurations in cloud IAM policies?

- How do I perform lateral movement in Kubernetes clusters across
clouds?

- How do storage services differ between AWS, DigitalOcean, and
Aliyun?

This 2-day training is 80% hands-on and 20% input/discussion. Each
scenario includes:

- Deployment plans for challenges using Terraform scripts.

- Exploratory labs to identify attack vectors and perform
exploitation.

- Detailed walkthroughs with comprehensive notes.

- Debrief sessions covering defenses and attack flow recaps.

By focusing on realistic scenarios and practical comparisons across
cloud providers, this training empowers participants to secure
multi-cloud environments effectively.