Completed
Agenda How I am going to bore you for next 30 minutes
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Attacking Storage Services - The Lynchpin of Cloud Services
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Attacking Storage Services: Lynchpin of Cloud Services
- 3 Agenda How I am going to bore you for next 30 minutes
- 4 Cloud Storage: Why Attack
- 5 Writable Public Storages
- 6 Authenticated User Access
- 7 Rocket.chat Installer
- 8 Fwupd CVE-2020-10759
- 9 Attack: Enumeration
- 10 AWS S3 Buckets Enumeration
- 11 Cloud Bucket URL Scraper
- 12 AWS Cloud Bucket Search Engine
- 13 Google Dork in Action
- 14 Attack: Identification and Exploitation
- 15 Azure SAS URL'S
- 16 Storage Attacks: Azure
- 17 Connecting to Azure Storage
- 18 Attack: Post Exploitation
- 19 Credential Harvesting Hunting for the usemame
- 20 Case Study: SSRF to EC2 takeover
- 21 Case Study: Paas: Elastic Beanstalk
- 22 Case Study: AWS Cognito Analysis
- 23 Vendor Warnings
- 24 Tenant: Periodic Scan: Scout Suite
- 25 Tenant: Prepare for Disaster
- 26 Additional Reference Material