Rootconf Delhi edition

Abstract:
AWS is the most widely used cloud environments today and almost every security professional has to encounter this environment whether you are attacking an organization or defending it. In this fast-paced workshop, we will teach participants with some neat tools, techniques, and procedures to attack the most widely used AWS services as well as to defend them. Below is the broad agenda for the workshop:

• Recon + Attacking S3 buckets
• Exploiting web application flaws to compromise AWS services
• Attacking Serverless applications
• Defending networks in AWS
• Automating defenses/security monitoring in AWS environments

Takeaways:
Students will be able to understand and appreciate the delta in attack surface which gets added due to moving to the cloud. And subsequently, design architecture and develop applications to defend them.

What will participants be provided?

• PDF copy of slide deck
• Workshop lab manual
• Bonus labs access for 15 days

Target Audience:

• Cloud Security Engineers
• DevOps engineers
• Security Analyst
• Penetration Testers
• Anyone else who is interested in Cloud Security

Outline

Detailed Outline:
Quick primer of AWS (15 min)

Explaining the virtual target enterprise scenario (5 min)

Recon + Attacking S3 buckets (25 Mins)

• Buckets enumeration
• Exploiting anonymous public Permissions
• Exploiting AWS public permissions [DEMO]
• Sub-domain takeovers [LAB]
• Protecting account wide buckets [DEMO]

Exploiting web application flaws to compromise AWS services (40 Mins)

• Enumerating and exploiting SSRF vulnerability
• Leveraging SSRF to exploit AWS metadata service [LAB]
• Gaining access tokens from Metadata service to access other AWS resources [LAB/DEMO]

Attacking Serverless applications (40 Mins)

• Understanding Serverless (Lambda) functions
• Misconfigurations in Lamba
• Example application layer attack on Lambda [LAB]

Defending networks in AWS (15 Mins)

• Attacking and defending internal VPCs [LAB/DEMO]

Automating defenses/security monitoring in AWS environments (30 Mins)

• Concepts of Logging in AWS
• Setting up automated logging in AWS
• Deletion of Lamba activity logs [LAB/DEMO]

Conclusion and Wrap up (10 Mins)

Requirements

Prerequisites for students:

• Need to have AWS account (Free-tier)
• Basic understanding of AWS

Speaker bio

Vaibhav Gupta
Vaibhav is working as a Security Researcher with Adobe. His expertise lies in infusing design and architecture level security in applications hosted in-house and on cloud environments. With ~10 years of diverse InfoSec exposure, he has strong experience in attacking and defending applications and cloud environments.
He has shared his knowledge at multiple international platforms like Blackhat USA, OWASP AppSec Europe, Nullcon, BSides Las Vegas, Defcon USA, etc. He is a strong supporter of open communities and is leading OWASP, BSides, and Null in Delhi region.
LinkedIn: https://www.linkedin.com/in/vaibhav0
Twitter: https://twitter.com/VaibhavGupta_1

Sandeep Singh:
Sandeep is a Security Managing Consultant with NotSoSecure, a specialist IT Security company. He has over 5 years of experience in delivering high-end security consulting services to clients across the globe. He is the co-lead of OWASP Delhi chapter and Community Manager of null community and actively contributes to the local security community. He has conducted and delivered many talks and workshops for the local community in the past.

Links

• https://www.defcon.org/html/defcon-26/dc-26-workshops.html#gupta