- Title -
Attacking Enterprise AWS Deployments
- Description -
This talk will run as more of a workshop than a presentation. The focus will mainly be on the AWS IAM (Identity and Access Management) service, and we will dig into AWS's security model and play around with the aws iam CLI to understand it. Attendees will learn how to approach a security assessment of an enterprise AWS environment.
The workshop will be a hands-on, lab-based session, giving attendees who have some AWS experience an understanding of the AWS security model and of how to identify and exploit configuration weaknesses in order to obtain elevated privileges.
The key topics that will be covered are:
1. Understand how users, groups, roles and permissions work in AWS
2. Common ways access is configured in enterprise deployments
3. Gain unauthorised and unauthenticated access to other AWS accounts
4. How to check for potential privilege escalation scenarios
5. Tools and resources to help with the process
- Speaker -
- Capture-The-Flag -
Due to the workshop being a training session, there will be no CTF this time.
- Requirements -
Internet Connection: SecTalks will try to take care of this, but if you have stable/substantial 3G/4G data, please use that to ease the load.
If you’d like to attend, please ensure the following is completed before the workshop. Setting up your machine should take around 20 mins.
1. Sign up for an AWS account – you'll get a 1-year free trial
2. Create an IAM account with programmatic access and download the access keys
3. Add this account to the administrators group
4. Install and set up awscli (brew install awscli, and then run aws configure)
Post-meetup drinks are now held at HOPSCOTCH (Just outside SecTalks, 4 Riverside Quay, Southbank VIC 3006).
We are always looking for new sponsors to cover some of our initiatives and keep events free while having great prizes. If you'd like to help sponsor an event or in general, please get in touch at [masked]