SAINTCON 2021 has ended
Utah’s Premiere Security Conference
Back To Schedule
Thursday, October 21 • 3:30pm - 4:30pm
Mining Cloud Resources for Initial Access via Serverless Services

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Cloud (AWS, Azure, GCP, etc.) providers make the sharing of resources as easy and convenient as the push of a button, but how often do users unintentionally also share sensitive information which would enable an attacker and/or red teamer to gain a foothold into the targeted cloud environment? Join us in this action-packed session, where we will explore a few practical cloud-centric attack vectors, which may have disastrous consequences for unprepared organizations. Including: - Collection of shared resources (e.g. AWS‚Äôs AMIs, EBS Snapshots, etc.) - Processing of resources for credentials (e.g. AWS Access Key IDs & Secrets, SSH Private Keys, Password Hashes, etc.) and other semi-sensitive information (e.g. AWS Account IDs, Usernames, etc.) - Leveraging of credentials to gain initial access into targeted information systems (e.g. RDP, SSH, Cloud Provider‚ CLIs, etc.). In addition, we will show you how by leveraging various serverless technologies (e.g. AWS‚ Lambda, Azure Functions, etc.) we were able to automate various aspects of our red team, penetration testing processes, enabling us to scale our offensive operations to new heights!


Bryce Kunz

Bryce Kunz (@TweekFawkes) is an Information Security Researcher located in Salt Lake City, Utah. Bryce currently leads the security offensive testing of Adobe's Marketing Cloud SaaS infrastructure via researching and developing custom exploits for web applications and other cloud... Read More →

Thursday October 21, 2021 3:30pm - 4:30pm MDT
Ballroom B (2nd Floor)