• Infosec In the City (IIC)

Pwning AWS Cloud Services — by Mohammed Aldoub

#IICSG2019 Conference Deep-Tech Track


Day 1 (19 Jun 2019)

5.00pm—5.45pm

@ Breakout Room 1


[#IICSG2019 Conference Full Schedule]


Abstract

In this talk, I will talk and demo the many ways to skin and attack multiple essential AWS cloud services, such as attacks against Serverless functions (AWS Lambda) (e.g. Serverless Event Injection), attacks against EC2 instances (even without having access to SSH keys!), methods to backdoor compromised AWS accounts, cloud-wide credential theft, and other attacks. 

In the talk, I'll also demo my new tool "barq", the customer AWS post-exploitation tool!


2 views
 
  • Facebook
  • Twitter
  • YouTube

Contact Us

Terms of Use | Code of Conduct | Privacy Policy

All rights reserved.

IIC Productions (Pte. Ltd.) © 2017-2020.