top of page
Writer's pictureInfosec In the City (IIC)

Pwning AWS Cloud Services — by Mohammed Aldoub

#IICSG2019 Conference Deep-Tech Track


Day 1 (19 Jun 2019)

5.00pm—5.45pm

@ Breakout Room 1



Abstract

In this talk, I will talk and demo the many ways to skin and attack multiple essential AWS cloud services, such as attacks against Serverless functions (AWS Lambda) (e.g. Serverless Event Injection), attacks against EC2 instances (even without having access to SSH keys!), methods to backdoor compromised AWS accounts, cloud-wide credential theft, and other attacks. 

In the talk, I'll also demo my new tool "barq", the customer AWS post-exploitation tool!


26 views0 comments

Comments


Post: Blog2_Post
bottom of page