Certified Hybrid Multi-Cloud Red Team Specialist

Enterprises across the globe are moving to the Cloud Technology. The technical understanding and enormous cost of rewriting infrastructure-applied applications to re-platform and work with the new cloud concept is a difficult task. The irregularities caused due to mis-understanding / deficit knowledge of New Cloud Concepts offered by leading Cloud Service Providers like AWS, Microsoft Azure and Google Cloud Platform etc have introduced multiple loopholes easily identified and exploited by Threat Actors to abuse and exploit the organization infrastructure.


Live Interactive Sessions

Training will be fully delivered over customized live classes scheduled on weekends. The students will be directly interacting with the instructors with mind boggling ideas, assessments scenarios and lab support. Upon enrolling in the training, students will be provided with the materials, lab setup instructions and the meeting links will be provided anytime within 1 week prior to the live session start date.

In case anyone missed the classes, they can re-schedule their attendance to next batch happening on weekends to cover the syllabus. We have a dedicated live support team with us managing doubts, queries etc of enrolled students.

Training Syllabus

The training contents are divided across 4 sections listed below:

Attacking - AWS Cloud Environment

  • Enumerating & Designing Attack Surface of AWS Cloud Services
  • Exploit Lambda Function for Persistence & Privilege Escalation
  • Pivoting & Lateral Movement using AWS VPC Service
  • Post-Exploitation by abusing mis-configured AWS Services
  • Data Exfiltration from S3, RDS, STS & Secret Manager etc

Attacking - Azure Cloud Environment

  • Enumerating & Designing Attack Surface of Azure Cloud Services
  • Pivoting Azure Control Plane to the Date Plane
  • Stealth Persistence Access of Azure account by Service Principal
  • Privilege Escalation by abusing mis-configured RBAC
  • Mis-use Azure Authentication Methods [PHS, PTA, Federation]

Attacking - Google Cloud Environment

  • Enumerating & Designing Attack Surface of GCP Services
  • Enumerating & Exploiting Google Kubernetes Services
  • Post-Exploitation by abusing mis-configured GCP Services
  • Privilege Escalation by exploiting mis-configured OAuth & IAM
  • Persistence Access by Temporary/ Permanent Access Token

Attacking - Hybrid Multi-Cloud Environment

  • Lateral movement from one Cloud to another Cloud Platform
  • Enumerate & exploit widely used SaaS Services (O365, G-Suite)
  • Exploit Trusted Relationship for expanding the access
  • Pivoting from On-premise to Cloud environment & vice-versa
  • Use Manual/Open-Source Tools for Offensive Operations

CWL Lab Spinning SaaS Platform

We have designed a SaaS platform that can be extensively used for lab spinning purposes. There are 100+ Multi-Cloud Challenges that can be instantly created under a minute for multiple users. Please note that the realistic lab scenarios will be built under user's cloud environment.

A proper functional user cloud account in all the 3 major vendors are required for lab spinning. Students would be able to seamlessly create, practice, manage, monitor and destroy the labs in a single click in our SaaS platform.


Hybrid Multi-Cloud Simulated Environment (Cyber Range Lab)

Enrolled students will be provided access to the Hybrid Multi-Cloud Lab Architecture running under CyberWarFare Labs account for full 30 days. The best part is that students can schedule the lab anytime within 1 year from the date of enrollment. Lab Architecture is designed to cover all the attacks that are demonstrated during the training sessions in AWS, Azure, Google Cloud and On-prem environment. The main focus of this lab is to perform Red Team Operations on Simulated Hybrid Multi-Cloud Environment.

As mentioned, the lab will be given access for 30 days with technical support.

Hybrid Multi Cloud Enterprise Simulation Lab
CHMRTS Digital Certificate + Badge
SaaS Solution for Spinning Lab
Red Teaming in On-Prem, AWS, Azure & GCP
Study Materials : 500+ Pages PDF
Mapped with MITRE Cloud TTPs

CHMRTS Training Schedule

The training will be commenced remotely with live sessions model every weekends (specific dates will be announced soon!). Each live session will be of 4 hours with technical support. The training syllabus includes hands-on labs in each and every exercises.

After purchase, the student can schedule the class anytime within 1 year from the date of enrollment (as per their schedule). Even if a session is missed by the student, they can schedule the class on the upcoming weekends as per their availability. We have customized our training delivery options to best suite our customer needs :)

Live Sessions

6 live sessions each of 4 hours duration

Customized Classes

Book your missed classes (within 1 year)

Technical Support

Dedicated support team during & after class

2 Exam Attempts

1 Exam & 1 re-attempt is included in purchase

Multi-Cloud Cyber Range

Custom code snippets / scripts to students


 Following are the requirements:

  • Fair Knowledge of Networking and Web Technology
  • Familiarity with command line interface
  • Familiarity with VMWare / Virtual Box technologies
  • Basics of Penetration testing methodology
  • An Open mind 😊

* No prior Cloud knowledge is required.

Target Audience

Targeted Audience may include the following group of people:

  •  Penetration Testers / Red Teams
  •  Cloud Security Professionals
  •  Cloud Architects
  •  SOC analysts
  •  Threat Hunting Team
  •  Last but not the least, anyone who is interested in strengthening their offensive capabilities in multi-Cloud environment

Trainees Takeaway

  • Soft Copy of the Course Content
  • SaaS solution which can be deployed separately under user’s cloud account
  • Realistic Multi-Cloud Cyber Range enterprise environment where Red Team Operator objective is to:
    • Compromise Entire Organization from Cloud to On-Premise
    • Compromise Entire Organization from On-Premise to Cloud 
  • Great Knowledge about the Offensive Cloud Techniques used by adversaries
  • Defense Tactics & Techniques against the discussed offensive techniques
  • 30 days full lab access with technical support during & after the training class

Earn CHMRTS Badge + Certificate

To attain the hard-earned CHMRTS certificate + digital badge students will be tasked to perform Red Team Engagement in Hybrid-Multi Cloud Environment (Simulated Lab). The end goal is to fully compromise Multi-Cloud Environment (AWS, Azure & GCP) and laterally move from Cloud to On-premise & vice versa. After compromising Hybrid Cloud Environment candidates needs to exfiltrate critical resource (or information) of the target organization. The goal must be achieved under the lab time i.e 30 days. Please note that the lab once started cannot be stopped until clear elaboration of circumstances.

Students attending all the live classes of the training will be getting the completion certificate (in both community as well as premium edition).

Community Edition

Free for community

Love from CWL <3

  • Community training material + Technical support
  • Demonstration of CHMRTS Lab
  • 10+ Multi-Cloud based challenges
  • 2 sessions having 2 hours each (weekends classes)
  • Training completion certificate (community edition)

Premium Edition

Subscription plan

Love from CWL <3

  • Premium training material (500+ page PDF, SaaS Lab solutions)
  • Seamless 30 days CHMRTS Lab Access + 1 Year technical support
  • 100+ Multi-Cloud challenges
  • 4 sessions having 4 hours each (weekend classes)
  • Training completion certificate (premium edition)
  • CHMRTS certificate + digital badge
  • One-to-one interaction with instructors
Resgitration starts from 14th Feb


Have any queries about our CHMRTS training?

Fill in the details & our support team will notify you!