SAINTCON 2023 - Bryce Kunz - Cloud Red Teaming

Security

Learn how Cloud Red Teaming detects vulnerabilities in cloud infrastructure by simulating an attacker's perspective, identifying misconfigured cloud services and vulnerable resources, and exploiting them using a redirector and CloudFormation templates.

Key takeaways

Red teaming is a way to identify vulnerabilities in cloud infrastructure by simulating an attacker’s perspective.
Enumerating S3 buckets and identifying vulnerable resources is a common technique.
Misconfigured cloud services, such as S3 buckets without valid bucket names, can be exploited.
CloudFormation templates can be used to deploy malicious applications.
Using a redirector to forward requests to an S3 bucket can bypass security controls.
Cloud service providers often have APIs that can be used to authenticate and access resources.
Domain Fronting can be used to route requests to an attacker-controlled server.
Two-factor authentication can be bypassed using stolen credentials.
Red teaming can help identify vulnerable resources and misconfigured cloud services.
Ultraviolet is a combination of the red teaming methodology and the cloud provider’s infrastructure.
Cloud red teaming can be used to identify vulnerabilities in a cloud environment.
Penetration testing can be used to identify vulnerabilities in a cloud environment.
Red teaming can help identify misconfigured cloud services and vulnerable resources.
Using a CloudFormation template to deploy a malicious application can bypass security controls.
CloudFormation templates can be used to deploy malicious applications without triggering security alerts.
Misconfigured cloud services can be exploited using a redirector and a CloudFormation template.
Red teaming can be used to identify vulnerabilities in a cloud environment before an attacker can exploit them.

SAINTCON 2023 - Bryce Kunz - Cloud Red Teaming

More talks