AWS Cloud compute

This section covers the attacks for services under the Cloud Compute umbrella of AWS.

This includes attacks against AWS EC2 instances and Lambda service.

What are we going to cover

This module will primarily cover

• Abuse the EC2 metadata endpoint via SSRF

• Generate and steal temporary credentials from the EC2 instance

• Use SSM to gain reverse shells on unreachable machines

• AWS Instance Metadata Version 2 Enhancements (IMDSv2)

Additional Information

No additional information for this section