Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Book Hotel click HERE
Back To Schedule
Thursday, September 26 • 10:15am - 11:00am
Attacking AWS: the full cyber kill chain

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
While it is quite common practice to do periodic security assessments of your local network, it is really rare to find a company who puts the same effort for testing the security in their cloud. We have to understand what new threats and risks appeared with the cloud and how should we change our attitude to testing cloud security. The goal of my presentation is to show how security assessment of cloud infrastructure it is different from testing environments in classic architecture. I'll demonstrate a hypothetical attack on a company which is fully deployed in the AWS environment. I’m going to show the whole kill chain starting from presenting cloud-applicable reconnaissance techniques. Then I’ll attack the web application server hosted on EC2 instance to access its metadata. Using the assigned role, I’ll access another AWS EC2 instance to escalate privileges to the administrator and then present how to hide fingerprints in CloudTrail service. Finally, I’ll demonstrate various techniques of silent exfiltrating data from AWS environment, setting up persistent access and describe another potential, cloud-specific threats, e.g. cryptojacking or ransomware in the cloud. The presentation shows practical aspects of attacking cloud services and each step of the kill chain will be presented in a form of an interactive, live demo. On the examples of presented attacks, I’ll show how to use AWS exploitation framework Pacu and other handy scripts.

avatar for Pawel Rzepa

Pawel Rzepa

Senior Security Consultant, SecuRing
Pawel is a senior security consultant in SecuRing. On his daily basis he is responsible for performing penetration tests and cloud security assessment. He has a wide experience in security field gained inter alia, as a fuzzer developer in Spirent, pentester in EY GSS, security auditor... Read More →

Thursday September 26, 2019 10:15am - 11:00am CEST