Abstract

Abstract:
We can see how fast organizations are moving from on-prem to cloud to host their application as it reduces a lot of effort in managing the servers. Cloud providers like Azure, AWS, and GCP provides a lot of different type of services that can help in automation without managing the code.

This talk is on Azure Cloud and focuses on how different services can be misconfigured and how we can abuse its features to escalate permission or how we can jump from one service to another to perform lateral movement. Also, how we can get initial access via different methods and perform post-exploitation and also how we can abuse different services to jump from the cloud to an on-prem server.

Speaker

Raunak parmar

Raunak Parmar is an information security professional whose areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development.

He has 2+ years of experience in information security. Raunak likes to research new attack methodologies and create open-source tools that can be used during Cloud Security assessments. He has worked extensively on Azure and AWS.

He is the author of Vajra an offensive cloud security tool. He has spoken at multiple conferences like Blackhat, Defcon, and Nullcon.

Timing

Starts at Saturday January 21 2023, 11:45 AM. The sessions runs for about 1 hour.

Resources