Packt
Introduction to AWS Pentesting
Packt

Introduction to AWS Pentesting

Access provided by The National Institute of Engineering

Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

1 week to complete
at 10 hours a week
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

1 week to complete
at 10 hours a week
Flexible schedule
Learn at your own pace

What you'll learn

  • Understand and interpret AWS pentesting policies to ensure compliance.

  • Identify vulnerabilities in IAM, S3, Lambda, and EC2 configurations.

  • Utilize tools like Pacu and AWS CLI for effective pentesting.

  • Practice AWS pentesting through real-world scenarios like Flaws and CloudGoat.

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

5 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

 logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

There are 4 modules in this course

In this module, we will delve into the essential concepts and terminologies necessary for AWS pentesting. We will start with an overview of the course, followed by an exploration of AWS-specific policies, keys, and common vulnerabilities in services like IAM, S3, EC2, and Lambda. Finally, we will discuss the critical role of ARNs and their relevance to pentesters. This foundational knowledge sets the stage for practical and advanced pentesting scenarios.

What's included

8 videos1 reading

In this module, we will introduce the essential tools used for AWS pentesting. Starting with the AWS CLI for basic environment interactions, we will then dive into advanced tools like Pacu for comprehensive pentesting frameworks. Additionally, we will explore AWS Bucket Dump and GrayhatWarfare for discovering and exploiting misconfigured S3 buckets. These tools are indispensable for automating and streamlining the pentesting process.

What's included

4 videos1 assignment1 plugin

In this module, we will tackle six hands-on challenges from the Flaws series, each simulating real-world AWS vulnerabilities. Starting with enumeration and weak S3 permissions, we will progress through advanced scenarios involving open repositories, unencrypted EBS volumes, and EC2 metadata exploitation. By the final challenge, we’ll address complex issues in IAM policies, Lambda, and REST APIs. These exercises are designed to build confidence and expertise in identifying and exploiting AWS-specific security flaws.

What's included

6 videos1 assignment1 plugin

In this module, we will use CloudGoat, a hands-on AWS pentesting training resource, to explore realistic security scenarios. Starting with the configuration of CloudGoat, we’ll tackle specific challenges such as IAM privilege escalation via rollback and attachment, Lambda and EC2 misconfigurations, and S3 bucket breaches. Each scenario will enhance your understanding of AWS vulnerabilities and teach you the techniques necessary to identify and exploit these weaknesses in real-world environments.

What's included

7 videos3 assignments

Instructor

Packt - Course Instructors
Packt
1,035 Courses244,417 learners

Offered by

Packt

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Explore more from Computer Science