Join the Hack Smarter community: hacksmarter.org
--- In this video, we work our way through the "ec2_ssrf" scenario on CloudGoat.
Specifically, I cover the following:
- Enumerating Lambda Functions for secrets
- Enumerating EC2 instances for public web server
- Abusing an SSRF vulnerability in a web server to read AWS metadata
- Searching for sensitive information in S3 buckets
- Fully compromising the environment by stealing credentials of the admin user
Enjoy!
--------------
Introduction to CloudGoat - Full Workshop: • Launch Your First Clou...
Rhino Security Labs Discord: / discord
Work Smarter Discord: / discord
Twitch: hacksmarter.live/