AWS Pentesting Course

Master offensive cloud pentesting on AWS. This course takes you from AWS fundamentals to deep exploitation across IAM, EC2, S3, Lambda, API Gateway, Cognito, GuardDuty, and cross-account attack chains. Learn how to enumerate cloud attack surface, exploit misconfigurations, escalate privileges, and execute real-world red team operations in AWS. Earn the Certified AWS Penetration Tester (CAPT) certification to validate your expertise.

Duration: 25 hrs

$249.00

Course Overview

Welcome to the AWS Pentesting course! This intensive hands-on course walks participants through offensive operations in Amazon Web Services (AWS) - from reconnaissance to persistence. Attendees will learn to identify, exploit, and chain together real-world misconfigurations across IAM, EC2, S3, Lambda, API Gateway, Cognito, GuardDuty and other core AWS services. The course emphasizes an attacker's perspective on cloud architecture, exploring privilege escalation, cross-account abuse, credential theft, and persistence while maintaining stealth and evading native detections.

Using a fully hosted online lab platform, participants will perform live exploitation exercises replicating real AWS attack paths seen in red team engagements. By the end of the course, students will have a clear understanding of the AWS attack surface, common detection gaps, and effective strategies for offensive cloud operations.

Prerequisites

  • Basic Linux Knowledge
  • Basic Pentesting & Security Concepts
  • Basic Command Line Skills

Course Curriculum

AWS Pentesting Course

135 Learning Materials

AWS & AWS Pentesting

Intro to AWS Pentesting Course

Video
00:00:41

Accessing Labs

Video
00:04:42

Overview of AWS

Video
00:04:42

Cyber Kill Chain (Cloud)

Video
00:03:22

What is AWS Pentesting

Video
00:04:58

Initial Access Scenarios

Video
00:06:09

Real World Case Studies

Video
00:12:02

Learning AWS Basics - A Practical Approach

AWS Basics

Video
00:00:44

AWS Account

Video
00:04:53

AWS Architecture

Video
00:14:02

Practical - A look at an AWS Account

Video
00:11:04

Practical - Creating a User

Video
00:06:01

Practical - Giving Permission to a User

Video
00:09:30

Practical - Creating your first EC2 Instance

Video
00:06:49

Practical - Creating your first S3 Bucket

Video
00:02:41

Practical - Setting up MFA

Video
00:02:12

Deep Dive into IAM Service

Understanding IAM Service

Video
00:04:52

IAM Identities

Video
00:02:26

Taking a deep dive into Roles

Video
00:21:07

Practical - Role Usage (Service to Service)

Video
00:11:32

Practical - Role Usage (Account to Account)

Video
00:41:19

Role Usage (External ID to Service)

Video
00:00:37

IAM Access Keys

Video
00:00:37

Practical - Solving your first Lab

Video
00:18:49

Practical - Automating the Enumeration with aws-enumerator

Video
00:07:25

Understanding ARN

Video
00:03:10

Understanding different types of IAM Policies

Types of Policies in IAM

Video
00:00:54

IAM Identity Permission Policy

Video
00:09:35

Practical - IAM Identity Permission Policy

Video
00:04:28

Few More Examples

Video
00:04:46

Types of IAM Identity Permission Policy

Video
00:04:47

Practical - IAM Identity Permission Policy

Video
00:04:28

Resource Based Policy

Video
00:03:08

Bucket Resource Policy

Video
00:06:45

Bucket Resource Policy - Examples

Video
00:04:19

Practical - Bucket Resource Policy

Video
00:05:25

Trust Policy

Video
00:08:15

Permission Boundary

Video
00:08:42

Practical - Permission Boundary

Video
00:15:22

Session Policies

Video
00:03:50

Practical - Session Policies

Video
00:13:22

AWS Organizations and their policy types

AWS Organizations

Video
00:04:16

Practical - AWS Organizations

Video
00:02:11

Service Control Policies

Video
00:05:44

Practical - Service Control Policies

Video
00:12:14

Resource Control Policies

Video
00:04:42

Practical - Resource Control Policies

Video
00:12:14

Policy Evaluation Logic

Video
00:11:35

Common IAM Misconfigurations

Misconfiguration 1 - Wildcard Everywhere

Video
00:01:54

Misconfiguration 2 - Inline Privileged Policy

Video
00:01:52

Misconfiguration 3 - Over-Permissive Trust Policy

Video
00:02:10

Misconfiguration 4 - Over-Permissive Resource Based Policy

Video
00:00:46

Maybe a Misconfiguration 5 - KMS Key Policy

Video
00:01:50

Misconfiguration 6 - NotAction or NotResource

Video
00:01:57

IAM Initial Access

Practical - Account ID Manual Enumeration (Public Buckets)

Video
00:29:50

Practical - Account ID Automated Enumeration (Public Buckets)

Video
00:12:21

Practical - Account ID Enumeration (AMIs and Snapshots)

Video
00:04:44

Practical - Manual Enumeration of Users and Roles

Video
00:05:12

Practical - Automated Enumeration of Users and Roles (Pacu)

Video
00:20:40

Practical - Initial Access - Weak Credential in Use

Video
00:15:03

IAM Enumeration

Enumeration Basics

Video
00:03:39

Practical - General Enumeration

Video
00:09:11

Practical - User Enumeration

Video
00:09:49

Practical - Group Enumeration

Video
00:02:21

Practical - Role Enumeration

Video
00:03:54

Practical - Policy Enumeration

Video
00:16:25

Service Enumeration

Video
00:04:40

IAM Exploitation & Privilege Escalation & Persistence

Practical - Change Group Membership

Video
00:18:06

Practical - Creating a New Policy Version

Video
00:25:43

Setting the Default Policy Version

Video
00:01:55

Creating User Access Key

Video
00:02:29

Creating a New Login Profile

Video
00:01:59

Updating an Existing Login Profile

Video
00:01:41

Attaching a Policy (User, Group & Role)

Video
00:02:33

Creating/Updating an Inline Policy (User, Group & Role)

Video
00:02:57

Updating the AssumeRolePolicyDocument of a Role

Video
00:02:21

IAM Persistence

Video
00:03:44

STS & KMS Service

STS Basics & Misconfiguration

Video
00:02:30

KMS Basics & Practical

Video
00:15:38

Enumerating & Finding Misconfigurations

Video
00:09:21

SecretsManager Service & SSM Parameter Store

SecretsManager Basics and Enumerating Secrets

Video
00:24:08

SSM Parameter Store Basics and Enumerating Parameters

Video
00:09:13

EC2 Service

EC2 Basics & Practical

Video
00:26:06

Initial Access & Enumeration

Video
00:22:49

Practical 1 - Exploitation & Priv Esc

Video
00:21:58

Practical 2 - Exploitation & Priv Esc

Video
00:19:58

Few More Exploitation & Priv Esc

Video
00:01:52

S3 Service

S3 Basics & Practical

Video
00:07:31

Real World Case Studies

Video
00:03:20

Initial Access, Enumeration & Exploitation

Video
00:08:44

Practical - Initial Access, Enumeration & Exploitation

Video
00:17:24

Lambda Service

Lambda Basics

Video
00:14:25

Practical - Creating your first Lambda Function

Video
00:28:36

Practical - Creating your second Lambda Function

Video
00:19:21

Practical - Lambda Enumeration

Video
00:18:43

Practical - Lambda Exploitation 1

Video
00:35:19

Practical - Lambda Exploitation 2

Video
00:21:37

Creating a Serverless Application

Video
00:27:51

API Gateway

API Gateway Basics

Video
00:20:42

Practical - Creating a vulnerable API Gateway and Exploiting it

Video
00:40:52

Practical - Exploiting API keys

Video
00:23:52

API Gateway Authorizers

Video
00:02:53

Practical - Lambda Authorizer

Video
00:17:17

AWS IAM Authorizer

Video
00:14:23

Cognito User pool Authorizer

Video
00:02:32

Practical - API Gateway Enumeration

Video
00:07:54

Cognito

Cognito

Video
00:01:41

Cognito User pools

Video
00:08:42

Practical - Creating your first User Pool

Video
00:18:41

Cognito Identity pool

Video
00:07:01

Practical - Creating your first Identity Pool

Video
00:10:26

Practical - Exploiting Unauthenticated (Guest) Identity pool

Video
00:18:50

Practical - Exploiting Self Registration Feature

Video
00:22:20

Practical - Exploiting Custom Attributes

Video
00:10:41

Practical - Cognito Enumeration

Video
00:06:43

DynamoDB

DynamoDB Basics

Video
00:05:21

Creating your first DynamoDB Table

Video
00:05:21

IAM Identity Center

IAM Identity Center Basics

Video
00:05:39

Practical - IAM Identity Center

Video
00:23:30

Practical - Enumerating IAM Identity Center

Video
00:34:34

CloudTrail

CloudTrail Basics

Video
00:03:51

Practical - Creating your first Trail

Video
00:23:59

Practical - Analyzing the logs

Video
00:13:33

Bypassing CloudTrail Logging

Video
00:14:38

GuardDuty

GuardDuty Basics

Video
00:05:41

Enumerating & Bypassing GuardDuty

Video
00:30:55

AWS Pentest Tools

Boto3

Video
00:08:45

ScoutSuite

Video
00:23:51

Prowler

Video
00:20:20

PMapper

Video
00:15:30

Cloudsplaining

Video
00:07:39

Cloudfox

Video
00:12:11

Pacu

Video
00:33:33

Report-Writing & CAPT Exam

Report Writing

Video
00:39:44

CAPT Exam

Video
00:04:44

Course Instructor

Shashi Kant Prasad

Principal Security Consultant
Shashi Kant Prasad is a skilled red teamer at Redfox Security with expertise in Web, Cloud, Hardware, DevOps, and Red Teaming. He also trains peers at top security conferences.

Lab Portal

Key Takeaways

  • Lifetime access to course and resources.
  • 30 days of free lab access.
  • Private Discord community access for direct support and networking.
  • One attempt at the Certified AWS Penetration Tester Exam (CAPT).
  • A professionally structured report template is provided for use in real-world engagements.

Get Certified (CAPT)

Earn the Certified AWS Penetration Tester (CAPT) certification to validate your expertise in AWS exploitation, red teaming tactics, and cloud security bypass techniques. This certification proves your ability to conduct real-world attack simulations against AWS environments, making you a valuable asset in cloud security. Gain hands-on experience through labs and instructor-led training, preparing for roles like Red Teamer (Cloud) or Cloud Penetration Tester. Participants receive a CAPT certificate upon completing the bootcamp and passing the practical exam.

FAQs

Is this course suitable for beginners?

This course starts with foundational AWS concepts and builds up to advanced topics, making it beginner-friendly.

Will I get hands-on experience?

Yes! Each topic is paired with practical exercises in a lab environment to reinforce your learning.

How long does it take to complete this course?

The course is self-paced. With consistent effort, you can complete it in 4-6 weeks, depending on your prior experience.

Does this course cover real-world scenarios?

Absolutely! The course includes exploitation of real-world AWS vulnerabilities and misconfigurations encountered in professional red teaming engagements.

Can this course help me prepare for a red teaming role?

Yes, this course is designed to provide the technical skills and methodologies needed for red teaming, making it an excellent step toward a professional role.

When will my lab access begin?

Lab access will be activated immediately after you purchase the course.

How can the lab access be extended?

To request a lab extension, send an email to training@redfoxsec.com.

Ready to Master the Art of Pentesting?

Choose our pentesting courses for:

Affordable Price

Unlock your potential with affordable upskilling! Our unbeatable course prices are your chance to level up without breaking the bank. 

Lifetime Access

Acquire lifetime access to our resources when you buy our courses. Gain knowledge today and unlock a lifetime of learning. 

Certificate of Completion

Upon completing our course, you'll receive a certificate of completion to showcase your new skills. Add it to your resume or LinkedIn profile.

Hands-On Experience

Get hands-on experience with real-world scenarios and challenges, giving you practical skills that you can apply immediately in your career. 

Expert Instructors

Learn from industry experts with years of experience in pentesting, who are passionate about sharing their knowledge and helping you succeed. 

Flexible Learning

Whether you're a beginner or an experienced professional, our courses are designed to meet you where you are and help you reach your goals. 

Get in Touch

Have a question, need assistance, or want to collaborate? We’re here to help!

Whether you're looking for cutting-edge cybersecurity solutions or expert training or want to learn more about our services, contact us today.
