Trainer Name: Manish Gupta , Yash Bharadwaj
Title: Attacking Hybrid Multi-Cloud Environment
Duration: 4 days (4 hrs each day)
Dates: May 10, 2022 To May 13, 2022
Time: 10 a.m. To 2 p.m. IST
Sold OutEnterprises across the globe are moving to the Cloud Technology. The technical understanding and enormous cost of rewriting infrastructure-applied applications to re-platform and work with the new cloud concept is a difficult task. The irregularities caused due to mis-understanding / deficit knowledge of New Cloud Concepts offered by leading Cloud Service Providers like AWS, Microsoft Azure and GCP etc have introduced multiple loopholes easily identified and exploited by Threat Actors to abuse and exploit the organization infrastructure.
CyberWarFare Labs training on "Attacking Hybrid Multi-Cloud Environment" aims to provide the trainees with the insights of the offensive / defensive techniques used by the Red Teamers and Blue Teamers in an Enterprise Cloud Infrastructure.
As an Attacker, trainee will not only understand the advanced Real-World Cyber Attacks against various major Cloud Vendors like AWS, Microsoft Azure, GCP but also simulate Tactics, Techniques and Procedures (TTP's) widely used by APT groups practically in the lab environment. As a Defender, trainee will understand various emerging threats and practically approach how to Defend and Secure the Hybrid Multi-Cloud Infrastructure. They will also practically understand widely used Cloud Security Solutions like AWS GuardDuty, Azure Security Centre and GCP Security Command Canter.
Training level: Basic / Intermediate
Please feel free to use the training insights from here :
https://www.cyberwarfare.live/trainings/certified-hybrid-multi-cloud-red-team-specialist
This architecture can be used during promotion : https://kajabi-storefronts-production.kajabi-cdn.com/kajabi-storefronts-production/themes/2149459084/settings_images/sy93QfG6S7J6z09XMJKV_cyberwarfare_post_10.png
Part-1 : Introduction about Hybrid Multi Cloud Environment
(Module-1 : On-Prem Active Directory Environment)
(Module-2 : Azure Cloud Environment )
(Module-3 : AWS Cloud Environment)
(Module-4 : GCP Cloud Environment)
(Module-5 : Hybrid Cloud Environment)
Part-2 : Enumeration & Initial Access on Cloud Infrastructure
(Module-1 : Unauthenticated Enumeration)
(Module-2 : Initial Access)
(Module-3 : Authenticated Enumeration)
Part-3 : Exploiting Hybrid Multi-Cloud Services
(Module-1 : Persistence Access on Multi-Cloud)
(Module-2 : Privilege Escalation)
(Module-3 : Defensive Evasion)
Part-4 : Lateral Movement
(Module-1 : Lateral Movement from Cloud to on-premise)
(Module-2 : Lateral Movement from on-prem to cloud)
(Module-3 : Within Multi-Cloud)
Part-5 : Case Study - Red Teaming Hybrid Multi Cloud Environment in Simulated Lab
(Initial Access to Data Exfiltration)
(Team will share updated documentation 2 weeks prior to the training date.)
Targeted Audience may include the following group of people:
In this training, trainee will perform the following in a large simulated Hybrid Multi-Cloud Red Team platform:
Becoming a Cloud Red Team Expert
Manish Gupta is the Director of CyberWarFare Labs and has 6.5+ years of expertise in offensive Information Security. Where he specializes in Red Teaming Activities in enterprise Environments. His research interest includes Real World Cyber Attack Simulation and Advanced Persistent Threat (APT). Previously he has presented his research at reputed conferences like Blackhat USA, DEFCON, Nullcon, c0c0n, BSIDES Chapters, X33fcon, NorthSec & other corporate training, etc.
Yash Bharadwaj, Co-Founder & Technical Architect at CyberWarFare Labs with over 5.5 Years of Experience as a Technologist. Highly attentive towards finding, learning, and discovering new TTPs used during offensive engagements. His area of interest includes building Red / Blue team infrastructure, evading AVs & EDRs, Pwning On-Prem infrastructure & Multi-cloud attacks. Previously he has delivered hands-on red/blue/purple team training/talks/workshops at Nullcon, X33fCon, c0c0n, NorthSec, BSIDES Chapters, OWASP, CISO Platform, and YASCON. You can reach out to him on Twitter @flopyash