Certified Hybrid Multi-Cloud Red Team Specialist
Enterprises across the globe are moving to the Cloud Technology. The technical understanding and enormous cost of rewriting infrastructure-applied applications to re-platform and work with the new cloud concept is a difficult task. The irregularities caused due to mis-understanding / deficit knowledge of New Cloud Concepts offered by leading Cloud Service Providers like AWS, Microsoft Azure and Google Cloud Platform etc have introduced multiple loopholes easily identified and exploited by Threat Actors to abuse and exploit the organization infrastructure.
The training fourth batch will tentatively begin from:
Schedule
[Yet to be announced]
Live Interactive Sessions
Training will be fully delivered over customized live classes scheduled on weekends. The students will be directly interacting with the instructors with mind boggling ideas, assessments scenarios and lab support. Upon enrolling in the training, students will be provided with the materials, lab setup instructions and the meeting links will be provided anytime within 1 week prior to the live session start date.
We have a dedicated live support team with us managing doubts, queries etc of enrolled students. In case anyone misses the training dates, they can shift their slots to the next training batch by emailing the support team.
Training Syllabus
The training contents are divided across 4 sections listed below:
Attacking - AWS Cloud Environment
- Enumerating & Designing Attack Surface of AWS Cloud Services
- Exploit Lambda Function for Persistence & Privilege Escalation
- Pivoting & Lateral Movement using AWS VPC Service
- Post-Exploitation by abusing mis-configured AWS Services
- Data Exfiltration from S3, RDS, STS & Secret Manager etc
Attacking - Azure Cloud Environment
- Enumerating & Designing Attack Surface of Azure Cloud Services
- Pivoting Azure Control Plane to the Date Plane
- Stealth Persistence Access of Azure account by Service Principal
- Privilege Escalation by abusing mis-configured RBAC
- Mis-use Azure Authentication Methods [PHS, PTA, Federation]
Attacking - Google Cloud Environment
- Enumerating & Designing Attack Surface of GCP Services
- Enumerating & Exploiting Google Kubernetes Services
- Post-Exploitation by abusing mis-configured GCP Services
- Privilege Escalation by exploiting mis-configured OAuth & IAM
- Persistence Access by Temporary/ Permanent Access Token
Attacking - Hybrid Multi-Cloud Environment
- Lateral movement from one Cloud to another Cloud Platform
- Enumerate & exploit widely used SaaS Services (O365, G-Suite)
- Exploit Trusted Relationship for expanding the access
- Pivoting from On-premise to Cloud environment & vice-versa
- Use Manual/Open-Source Tools for Offensive Operations
Hybrid Multi-Cloud Simulated Environment (Cyber Range Lab)
Enrolled students will be provided access to the Hybrid Multi-Cloud Lab Architecture running under CyberWarFare Labs account for full 30 days. The best part is that students can schedule the lab anytime within 1 year from the date of enrollment. Lab Architecture is designed to cover all the attacks that are demonstrated during the training sessions in AWS, Azure, Google Cloud and On-prem environment. The main focus of this lab is to perform Red Team Operations on Simulated Hybrid Multi-Cloud Environment.
As mentioned, the lab will be given access for 30 days with technical support.
CHMRTS Training Schedule
The training will be commenced remotely with live sessions model. Each live session will be of 6 hours with technical support. The training syllabus includes hands-on labs in each and every exercises.
Upon enrollment students will get the training outline blueprint.
Please note that the training materials (PDFs + additional materials) will be available to the portal soon.
We have customized our training delivery options to best suite our customer needs :)
Live Sessions
2 live sessions each of 6 hours duration
Customized Classes
Book your missed classes (within 1 year)
Technical Support
Dedicated support team during & after class
2 Exam Attempts
1 Exam & 1 re-attempt is included in purchase
Multi-Cloud Cyber Range
Custom code snippets / scripts to students
Pre-requisites
Following are the requirements:
- Fair Knowledge of Networking and Web Technology
- Familiarity with command line interface
- Familiarity with vitualization technologies
- Basics of Penetration testing methodology
- An Open mind 😊
* No prior Cloud knowledge is required.
Target Audience
Targeted Audience may include the following group of people:
- Penetration Testers / Red Teams
- Cloud Security Professionals
- Cloud Architects
- SOC analysts
- Threat Hunting Team
- Last but not the least, anyone who is interested in strengthening their offensive capabilities in multi-Cloud environment
Trainees Takeaway
- Soft Copy of the Course Content
- SaaS solution which can be deployed separately under user’s cloud account
- Realistic Multi-Cloud Cyber Range enterprise environment where Red Team Operator objective is to:
- Compromise Entire Organization from Cloud to On-Premise
- Compromise Entire Organization from On-Premise to Cloud
- Great Knowledge about the Offensive Cloud Techniques used by adversaries
- Defense Tactics & Techniques against the discussed offensive techniques
- 30 days full lab access with technical support during & after the training class
Certification Procedure:
To earn CyberWarFare Labs CHMRTS certificate + Badge, candidate must fulfill below criteria :
Earn CHMRTS Badge + Certificate
To attain the hard-earned CHMRTS certificate + digital badge students will be tasked to perform Red Team Engagement in Hybrid-Multi Cloud Environment. Students must first schedule the examination asking the support team as per their convenience. The allotted tasks must be achieved during the lab period that is 1 month which can be started anytime as per the schedule and convenience of the student.
However, Students attending all the live classes of the training will be getting the completion certificate (in both community as well as premium edition).
Want to win a FREE seat, write down your details here?
Fill in the details & we will only reach out to you in case you are selected (Only 1 seat per batch is the limit)
