πŸ§ͺ Experimental Feature

Tag-based content organization is an experimental feature. This page and its functionality may change as we refine the tagging system.

Tag: Cloud Pentesting

Focus Area: ☁️ Cloud Security
85
Total Entries
77
Contributors

Top Contributors

Nitesh Surana(7) Raunak Parmar(7) Manish Gupta(5) Nishant Sharma(5) Yash Bharadwaj(5)

All Entries (85 total, sorted by date)

DateTypeConferenceTitleSpeaker(s)Tags
2025-12-10Tool demoBlackhat EKSi-lite: Simple & Lightweight EKS Cluster Listing & Security Tool Source Code Divyanshu Shukla, Anjali Singh Shukla#aws#kubernetes#cloud-security-posture-management+4
2025-12-10Tool demoBlackhat Kubernetes Goat – A Hands-on Interactive Kubernetes Security Playground Source Code Madhu Akula#kubernetes#container-security#cloud-pentesting+1
2025-12-10Tool demoBlackhat KubeShadow - Advanced Offensive Kubernetes Red-Team Framework Source Code Aashita Pandey, Binayak Choudhury#kubernetes#red-teaming#cloud-pentesting+1
2025-08-07Tool demoBlackhat Cloud Offensive Breach and Risk Assessment (COBRA) Source Code Harsha Koushik, Anand Tiwari#cloud-pentesting#risk-management#edr
2025-08-07Tool demoBlackhat Halberd : Multi-Cloud Agentic Attack Tool Source Code Arpan Abani Sarkar#cloud-access-security-broker#cloud-pentesting#security-testing+3
2025-08-07TalkBlackhat Kernel-Enforced DNS Exfiltration Security: Framework Built for Cloud Environments to Stop Data Breaches via DNS at Scale Presentation Whitepaper Vedang Parasnis#dns#data-leak#kernel+1
2025-08-06Tool demoBlackhat CloudLens Gaurav Joshi, Hare Krishna Rai, K v Prashant#aws#cloud-pentesting#red-teaming+2
2025-08-06Tool demoBlackhat RedInfraCraft : Automate Complex Red Team Infra Source Code Yash Bharadwaj, Manish Gupta#red-teaming#cloud-access-security-broker#cloud-compliance+4
2025-06-27TalkLehack From HTML Injection to Full AWS Account Takeover: Discovering Critical Risks in PDF Generation Video Raunak Parmar#ssrf#aws#web-security+2
2025-04-04Tool demoBlackhat Agneyastra - Firebase Misconfiguration Detection Toolkit V2 Source Code Bhavarth Karmarkar, Devang Solanki#misconfiguration#cloud-pentesting#security-tools+1
2025-04-04Tool demoBlackhat Kubernetes Goat: A Hands-on Interactive Kubernetes Security Playground Source Code Madhu Akula#kubernetes#cloud-workload-protection#container-security+4
2025-04-04Tool demoBlackhat RedInfraCraft : Automate Complex Red Team Infra Source Code Yash Bharadwaj, Manish Gupta#cloud-access-security-broker#cloud-compliance#cloud-pentesting+1
2025-04-03Tool demoBlackhat Halberd : Multi-Cloud Security Testing Tool Source Code Arpan Abani Sarkar#cloud-access-security-broker#cloud-pentesting#security-tools+2
2025-03-02TalkNullcon Kernel Conquest: Breaking Boundaries and Demystifying Kernel SU for Root Access in Azure Cloud Shell Video Alla Vamsi Krishna, Kandi Abhishek Reddy#kernel#azure#container-security+2
2024-12-12Tool demoBlackhat Cloud Offensive Breach and Risk Assessment (COBRA) Source Code Harsha Koushik, Anand Tiwari#cloud-pentesting#cloud-workload-protection#security-testing+3
2024-12-12Tool demoBlackhat GoatPen: Hack, Hone, Harden Source Code Nishant Sharma, Shantanu Kale#aws#cloud-access-security-broker#cloud-compliance+4
2024-12-12Tool demoBlackhat Halberd : Cloud Security Testing Tool Source Code Arpan Abani Sarkar#cloud-pentesting#red-teaming#azure+1
2024-12-12Tool demoBlackhat RedCloud OS : Cloud Adversary Simulation Operating System Source Code Yash Bharadwaj, Manish Gupta#cloud-pentesting#red-teaming#aws+1
2024-12-11Tool demoBlackhat Agneyastra - Firebase Misconfiguration Detection Toolkit Source Code Bhavarth Karmarkar, Devang Solanki#cloud-pentesting#misconfiguration#bug-bounty
2024-12-11Tool demoBlackhat findmytakeover - find dangling domains in a multi cloud environment Source Code Aniruddha Biyani#dns#cloud-pentesting#reconnaissance
2024-10-02TalkVirusbulletin From code to crime: exploring threats in GitHub Codespaces Presentation Whitepaper Video Nitesh Surana, Jaromir Horejsi#cloud-pentesting#supply-chain-security#exploitation
2024-08-08Tool demoBlackhat Cloud Offensive Breach and Risk Assessment (COBRA) Source Code Anand Tiwari, Harsha Koushik#cloud-security-posture-management#cloud-pentesting#security-testing+1
2024-08-07Tool demoBlackhat BucketLoot - An Automated S3 Bucket Inspector Source Code Kunal Aggarwal, Umair Nehri#aws#cloud-pentesting#reconnaissance+1
2024-08-07Tool demoBlackhat RedCloud OS : Cloud Adversary Simulation Operating System Source Code Manish Gupta, Yash Bharadwaj#os#cloud-pentesting#aws+4
2024-05-27TalkConfidence Hacker’s Story from Reader to Global Admin in Azure Video Raunak Parmar#cloud-pentesting#azure#ethical-hacking+4
2024-05-24TalkAuscert Mastering the art of Attacking and Defending a Kubernetes Cluster Video Sanjeev Mahajan#kubernetes#cloud-pentesting#container-security+1
2024-04-19Tool demoBlackhat AWSDefenderGPT: Leveraging OpenAI to Secure AWS Cloud Source Code Sherin Stephen, Nishant Sharma, Rishappreet Singh Moonga#aws#ai-security#ai+4
2024-04-19Tool demoBlackhat BucketLoot - An Automated S3 Bucket Inspector Source Code Umair Nehri#aws#cloud-pentesting#reconnaissance+1
2024-04-18TalkBlackhat Breaking Managed Identity Barriers In Azure Services Presentation Nitesh Surana, David Fiser#azure#cloud-pentesting#access-management+3
2024-04-18Tool demoBlackhat Catching adversaries on Azure - Deception on Cloud Source Code Subhash Popuri#azure#cloud-workload-protection#cloud-pentesting+4
2024-04-18Tool demoBlackhat findmytakeover - find dangling domains in a multi cloud environment Source Code Aniruddha Biyani#dns#cloud-workload-protection#cloud-pentesting+1
2024-04-18Tool demoBlackhat Nightingale: Docker for Pentesters Source Code Raja Nagori#docker#application-pentesting#cloud-pentesting+3
2024-04-18Tool demoBlackhat RedCloud OS : Cloud Adversary Simulation Operating System Source Code Manish Gupta, Yash Bharadwaj#os#cloud-pentesting#aws+4
2023-12-07Tool demoBlackhat Route53Sweep: Empowering AWS Route53 Security with Automated Scanning & Comprehensive Inventory Management Source Code Divyanshu Shukla, Anjali Singh Shukla#aws#cloud-access-security-broker#cloud-monitoring+2
2023-12-06Tool demoBlackhat BucketLoot - An Automated S3-compatible Bucket Inspector Source Code Owais Shaikh, Umair Nehri#aws#cloud-pentesting#reconnaissance+1
2023-12-06Tool demoBlackhat Docker Exploitation Framework Source Code Rohit Pitke, Emmanuel Law#exploitation#container-security#docker+4
2023-12-06Tool demoBlackhat HAWK Eye - PII & Secret Detection tool for your Servers, Database, Filesystems, Cloud Storage Services Source Code Rohit Kumar#bug-hunting#data-loss-prevention#data-protection+4
2023-09-28TalkRootcon Azure Illuminati: Unveiling the Mysteries of Cloud Exploitation Video Raunak Parmar#azure#cloud-pentesting#mfa+4
2023-09-23TalkNullcon Uncovering Azure’s Silent Threats: A Journey Into Cloud Vulnerabilities Presentation Video Nitesh Surana#azure#cloud-pentesting#application-hardening+4
2023-08-25TalkHitbsecconf Breaking ML Services: Finding 0-days in Azure Machine Learning Presentation Video Nitesh Surana#machine-learning#cloud-access-security-broker#cloud-compliance+4
2023-08-24Tool demoHitbsecconf Vajra Source Code Raunak Parmar#aws#azure#cloud-pentesting+3
2023-08-10TalkBlackhat Uncovering Azure’s Silent Threats: A Journey into Cloud Vulnerabilities Presentation Nitesh Surana, Magno Logan, David Fiser#azure#cloud-pentesting#cloud-vulnerabilities+1
2023-08-09Tool demoBlackhat BucketLoot - An Automated S3 Bucket Inspector Source Code Owais Shaikh, Umair Nehri#aws#cloud-pentesting#reconnaissance+1
2023-08-09Tool demoBlackhat DIAL - Did I Alert Lambda? Centralised Security Misconfiguration Detection Framework Source Code Saransh Rana, Rashid Feroze, Harsh Varagiya#misconfiguration#cloud-access-security-broker#cloud-monitoring+4
2023-08-07TalkC0c0n Cyber Threats to Global Financial Systems Video Lince Lawrence#incident-management#risk-management#cloud-monitoring+4
2023-08-07TalkC0c0n Serverless Siege: AWS Lambda Pentesting Video Anjali Singh Shukla, Divyanshu Shukla#aws#serverless#cloud-pentesting+2
2023-08-07TalkC0c0n Uncovering Azure’s Silent Threats: A Story of Cloud Vulnerabilities Video Nitesh Surana#azure#cloud-vulnerabilities#cloud-pentesting+1
2023-06-01TalkSecurityfest Beyond On-Premises: Exploring the Post-Domain Admin Landscape in the Cloud Video Sriraam Natarajan, Venkatraman Kumar#red-teaming#azure#active-directory+2
2023-05-12Tool demoBlackhat GCPGoat : A Damn Vulnerable GCP Infrastructure Source Code Shantanu Kale, Rishappreet Singh Moonga, Ravi Verma, Govind Krishna#gcp#cloud-pentesting#cloud-workload-protection+4
2023-05-12Tool demoBlackhat Vajra - Your Weapon To Cloud Source Code Raunak Parmar#aws#azure#cloud-pentesting+4
2023-05-11Tool demoBlackhat AzureGoat : A Damn Vulnerable Azure Infrastructure Source Code Nishant Sharma, Dasari Yashwanth Babu#azure#cloud-pentesting#cloud-workload-protection+2
2023-05-11Tool demoBlackhat Kubernetes Goat: Interactive Kubernetes Security Learning Playground Source Code Madhu Akula#kubernetes#cloud-workload-protection#container-security+4
2022-12-08Tool demoBlackhat ThunderCloud: Attack Cloud Without Keys! Source Code Shivankar Madaan#aws#azure#gcp+2
2022-09-28TalkRootcon AWSGoat : A Damn Vulnerable AWS Infrastructure Presentation Video Jeswin Mathai, Shantanu Kale, Sanjeev Mahunta#aws#cloud-pentesting#cloud-workload-protection+4
2022-09-23TalkC0c0n A Tale of Credential Leak of a Popular Cloud Threat Actor Nitesh Surana#security-assessment#cloud-pentesting#cloud-workload-protection+2
2022-09-23TalkC0c0n Common Misconfigurations in your Kubernetes Cluster and What can you do about it? Kumar Ashwin#kubernetes#cloud-workload-protection#container-security+4
2022-09-08TalkNullcon Handling A Bug Bounty program From A Blue Team Perspective Presentation Video Ashwath Kumar, Ankit Anurag#blueteam#cloud-monitoring#cloud-pentesting+4
2022-09-08Tool demoNullcon Vajra - Your Weapon To Cloud Presentation Source Code Raunak Parmar#cloud-security-posture-management#cloud-pentesting#azure+4
2022-09-07TalkNullcon Scale hacking to secure your cloud and beyond Video Anand Prakash#cloud-pentesting#cloud-security-posture-management#container-security+4
2022-08-10Tool demoBlackhat AWSGoat : A Damn Vulnerable AWS Infrastructure Source Code Nishant Sharma, Jeswin Mathai, Sanjeev Mahunta#aws#cloud-pentesting#cloud-workload-protection+4
2022-08-10Tool demoBlackhat AzureGoat : A Damn Vulnerable Azure Infrastructure Source Code Jeswin Mathai, Nishant Sharma, Rachna Umaraniya#azure#cloud-pentesting#cloud-workload-protection+3
2022-08-10Tool demoBlackhat HazProne : Cloud Hacking Source Code Devansh Patel, Staford Titus S#cloud-pentesting#cloud-workload-protection#aws+4
2022-08-10Tool demoBlackhat Vajra - Your Weapon To Cloud Source Code Raunak Parmar#cloud-pentesting#cloud-security-posture-management#azure+3
2022-07-23TalkHope Combating Ransom-War: Evolving Landscape of Ransomware Infections in Cloud Databases Video Aditya K Sood#ransomware#cloud-pentesting#data-protection
2022-06-01TalkSecurityfest Exploitation and automated detection of threats to modern cloud infrastructure Video Krishnaa Srinivasa, Maithri Nadig#aws#vulnerability-assessment#cloud-monitoring+4
2022-05-12Tool demoBlackhat ThunderCloud: Attack Cloud Without Keys! Source Code Shivankar Madaan#aws#cloud-pentesting#phishing
2021-11-18TalkHackinparis Is it really an intrusion if you get called in?: Mis-configuration based attacks in AWS Kavisha Sheth#aws#cloud-workload-protection#cloud-pentesting+3
2021-11-11Tool demoBlackhat DejaVu ++ Source Code Bhadreshkumar Patel, Harish Ramadoss#blueteam#cloud-access-security-broker#cloud-compliance+4
2021-11-10Tool demoBlackhat Kubestriker: A Blazing Fast Security Auditing Tool Source Code Vasant Kumar#kubernetes#cloud-workload-protection#container-security+3
2021-08-04Tool demoBlackhat Kubestriker: A Blazing Fast Kubernetes Security Auditing Tool Source Code Pralhad Chaskar, Vasant Kumar#kubernetes#cloud-workload-protection#container-security+4
2020-03-06TalkNullcon Cloud As an Attack vector Presentation Video Ashwin Vamshi, Rushikesh Vishwakarma#cloud-pentesting#exploitation#aws
2019-11-28TalkDeepsec Mastering AWS Pentesting and Methodology Video Ankit Giri#aws#security-assessment#cloud-pentesting+1
2019-09-27TalkC0c0n Building a cloud security monitoring and auditing framework Nirali Shah, Prasoon Dwivedi#blueteam#cloud-monitoring#cloud-pentesting+4
2019-09-27TalkC0c0n Doing SecOps for the Cloud using Cloud Native Services Akash Mahajan#blueteam#cloud-workload-protection#container-security+3
2019-08-08TalkDefcon Anatomy of cloud hacking Pratik Shah#cloud-pentesting#post-exploitation#architecture+1
2019-05-21TalkPhdays GDALR: an efficient model duplication attack on black-box machine learning models Presentation Rewanth Tammana, Nikhil Joshi#red-teaming#machine-learning#api-security+3
2019-05-09TalkHitbsecconf GDALR: Duplicating Black Box Machine Learning Models Presentation Video Rewanth Tammana, Nikhil Joshi#machine-learning#red-teaming#api-security+2
2018-10-05TalkC0c0n Unconventional vulnerabilities in Google Cloud Platform Pranav Venkat#gcp#red-teaming#cloud-pentesting+3
2018-03-01TalkNullcon Breaking Into Container Orchestrators Presentation Nadeem Hussain#red-teaming#cloud-workload-protection#container-security+2
2017-08-18TalkC0c0n Cloud_Security Suite - One stop tool for auditing cloud infrastructure Source Code Shivankar Madaan, Jayesh Chauhan#aws#blueteam#cloud-monitoring+4
2015-08-01TalkC0c0n S3curi7y at 36K feet Rugved Mehta, Gaurav Trivedi#aws#azure#gcp+3
2013-11-07TalkGroundzerosummit Abusing Google Apps: Google is my command and control center Presentation Ajin Abraham#android#red-teaming#cloud-pentesting+4
2013-08-16TalkUsenix Building Securable Infrastructure: Open-Source Private Clouds Video Pravir Chandra#cloud-pentesting#architecture#open-source-security
2011-10-08TalkC0c0n Stratagemizing Security Against Perpetrators In Cloud Infrastructure K S Abhiraj#blueteam#cloud-security-posture-management#cloud-pentesting+4
2009-11-18TalkSecuritybyte Cloud Hacking – Distributed Attack & Exploit Platform Shreeraj Shah#red-teaming#cloud-pentesting#cloud-workload-protection+1