Trainer Name: Manish Gupta , Yash Bharadwaj
Title: Attacking Hybrid Multi-Cloud Environment
Duration: 4 days (4 hrs each day)
Dates: May 10, 2022 To May 13, 2022
Time: 10 a.m. To 2 p.m. IST
Sold OutEnterprises across the globe are moving to the Cloud Technology. The technical understanding and enormous cost of rewriting infrastructure-applied applications to re-platform and work with the new cloud concept is a difficult task. The irregularities caused due to mis-understanding / deficit knowledge of New Cloud Concepts offered by leading Cloud Service Providers like AWS, Microsoft Azure and GCP etc have introduced multiple loopholes easily identified and exploited by Threat Actors to abuse and exploit the organization infrastructure.
CyberWarFare Labs training on "Attacking Hybrid Multi-Cloud Environment" aims to provide the trainees with the insights of the offensive / defensive techniques used by the Red Teamers and Blue Teamers in an Enterprise Cloud Infrastructure.
As an Attacker, trainee will not only understand the advanced Real-World Cyber Attacks against various major Cloud Vendors like AWS, Microsoft Azure, GCP but also simulate Tactics, Techniques and Procedures (TTP's) widely used by APT groups practically in the lab environment. As a Defender, trainee will understand various emerging threats and practically approach how to Defend and Secure the Hybrid Multi-Cloud Infrastructure. They will also practically understand widely used Cloud Security Solutions like AWS GuardDuty, Azure Security Centre and GCP Security Command Canter.
Training level: Basic / Intermediate
Please feel free to use the training insights from here :
https://www.cyberwarfare.live/trainings/certified-hybrid-multi-cloud-red-team-specialist
This architecture can be used during promotion : https://kajabi-storefronts-production.kajabi-cdn.com/kajabi-storefronts-production/themes/2149459084/settings_images/sy93QfG6S7J6z09XMJKV_cyberwarfare_post_10.png
Part-1 : Introduction about Hybrid Multi Cloud Environment
(Module-1 : On-Prem Active Directory Environment)
(Module-2 : Azure Cloud Environment )
(Module-3 : AWS Cloud Environment)
(Module-4 : GCP Cloud Environment)
(Module-5 : Hybrid Cloud Environment)
Part-2 : Enumeration & Initial Access on Cloud Infrastructure
(Module-1 : Unauthenticated Enumeration)
(Module-2 : Initial Access)
(Module-3 : Authenticated Enumeration)
Part-3 : Exploiting Hybrid Multi-Cloud Services
(Module-1 : Persistence Access on Multi-Cloud)
(Module-2 : Privilege Escalation)
(Module-3 : Defensive Evasion)
Part-4 : Lateral Movement
(Module-1 : Lateral Movement from Cloud to on-premise)
(Module-2 : Lateral Movement from on-prem to cloud)
(Module-3 : Within Multi-Cloud)
Part-5 : Case Study - Red Teaming Hybrid Multi Cloud Environment in Simulated Lab
(Initial Access to Data Exfiltration)
(Team will share updated documentation 2 weeks prior to the training date.)
Targeted Audience may include the following group of people:
In this training, trainee will perform the following in a large simulated Hybrid Multi-Cloud Red Team platform:
Becoming a Cloud Red Team Expert
Manish Gupta is Director of CyberWarFare Labs in India having 6.5+ years of expertise in Offensive Information Security. Where he specializes in Offensive Security and Red Teaming Activities on enterprise Environment. A part-time Bug Bounty Hunter and CTF Player. His Research interest includes Real World Cyber Attack Simulation and Advanced persistent Threat (APT). Previously he has spoken at reputed conferences like Blackhat USA 19, DEFCON 19, Nullcon 2020, BSIDES CT 20 where he showcased his red teaming toolkit "PivotSuite". He is currently working on developing OpenSource Offensive Security Toolkit which helps Red Teamers / Penetration Testers. He will be delivering his next Offensive / Defensive Operations Cyber Security Trainings in Nullcon 21 (Sept 21) & multiple corporate training.
Yash Bharadwaj, working as a technical architect at CyberWarFare Labs. Highly attentive towards finding, learning and discovering new TTP’s used during offensive engagements. His area of interest includes (but not limited to) building Red / Blue team infrastructure, evading AVs & EDRs, Pwning Active Directory infrastructure, stealth enterprise networks & Multi cloud attacks. Previously he has delivered hands-on red team trainings at BSIDES Ahmedabad, OWASP Seasides 20, Red & Blue Team Training at BSIDES Delhi, OWASP APPSEC Indonesia 20, CISO Platform 20 & YASCON 21 & performed. He has trained at various international conferences(Nullcon 21, BSIDES Connecticut). You can reach out to him on Twitter @flopyash