Published On Nov 18, 2022
How easy is it to build your own cloud hacking lab? In this video, I show how you can sign-up for your own Microsoft Azure and Amazon AWS accounts, and then use them to learn common cloud vulnerabilities such as public accessibility of resources, server-side request forgery, cloud-based privilege escalation issues, and more. Learn how you can deploy resources to your own cloud environment using automation tools known as “Infrastructure-as-Code”. Being able to quickly spin up and down resources within your own cloud accounts makes it possible to simulate real-world environments that can be hacked without risk to other organizations.
Links:
Instructions for setting up Azure and AWS accounts can be found here: https://btc.breakforge.io
AWS: https://aws.amazon.com/free/
Azure: https://azure.microsoft.com/en-us/pri...
Terraform: https://www.terraform.io/
CloudGoat: https://github.com/RhinoSecurityLabs/...
AzureGoat: https://github.com/ine-labs/AzureGoat
PurpleCloud: https://github.com/iknowjason/PurpleC...