WS-06

Multi-Cloud Security

Oct 4th and 5th, 2023
Grand Hyatt, Kochi, India

Learning the Offensive / Defensive Cloud-based Adversarial TTPs

Enterprises across the globe are moving to cloud technology. Rewriting infrastructure-applied applications to re-platform them for the new cloud concepts demands technical understanding and enormous cost, which makes it a difficult task. Irregularities caused by misunderstanding or deficient knowledge of the new cloud concepts offered by leading Cloud Service Providers such as AWS, Microsoft Azure and GCP have introduced multiple loopholes that threat actors easily identify and exploit to abuse the organization's infrastructure.

The CyberWarFare Labs workshop on "Multi-Cloud Security" aims to give trainees insight into the offensive / defensive techniques used by Red Teamers and Blue Teamers in an Enterprise Cloud Infrastructure.

As an attacker, the trainee will not only understand advanced real-world cyber attacks against major cloud vendors like AWS, Microsoft Azure and GCP, but also practically simulate the Tactics, Techniques and Procedures (TTPs) widely used by APT groups in the lab environment.

As a defender, the trainee will understand various emerging threats and take a practical approach to defending and securing the Hybrid Multi-Cloud Infrastructure. They will also gain a practical understanding of widely used cloud security solutions like AWS GuardDuty, Azure Security Centre and GCP Security Command Centre.

Course Content (ToC):

  • Day-1 - Part-1 & Part-2
  • Day 2 - Part-3, Part-4 & Part-5
  • Day - 1
    • Part - 1   Introduction about Multi Cloud Environment
      • Module-1 : Azure Cloud Environment
        • Azure Identity : Azure AD & RBAC
        • O365 / Microsoft 365
        • Azure Cloud Services (VM, Storage, IaaS, PaaS, SaaS)
      • Module-2 : AWS Cloud Environment
        • Identity & Access Management
        • AWS Cloud Services (IaaS, PaaS, SaaS)
        • AWS SSO
      • Module-3 : GCP Cloud Environment
        • GCP Identity & Access Management
        • GCP Cloud Services (IaaS, PaaS, SaaS)
        • Google Suite / Workspace + Cloud Identity
      • Module-4 : Hybrid Cloud Environment
        • ADFS & External IDP
        • Hybrid Connected Devices
        • On-Prem to Cloud, Cloud to Cloud, Cloud to on-prem
    • Part-2 : Enumeration & Initial Access on Cloud Infrastructure
      • Module-1 : Unauthenticated Enumeration
        • Enumerating Information from DNS Records
        • Enumerating Information from Cloud Vendors
        • Leaked secrets from GitHub
        • Enumerating storage & other information from OSINT
      • Module-2 : Initial Access
        • Exploiting Cloud Services
        • Leaked Credentials
        • Compromising CI/CD pipeline
        • Compromising storage accounts
      • Module-3 : Authenticated Enumeration
        • AWS Services
        • AAD, O365, Azure Services
        • Cloud Identity, Google Workspace, GCP Services
  • Day - 2
    • Part-3: Exploiting Hybrid Multi-Cloud Services
      • Module-1 : Persistence Access on Multi-Cloud
        • AWS : cross account, within account
        • Azure : service principal, cross tenant, AAD
        • GCP : Access organization, Cloud Identity
        • Hybrid - On-Premise AD
      • Module-2 : Privilege Escalation
        • Elevating Privileges on AWS
        • Elevating Privileges on Azure
        • Elevating Privileges on GCP
        • Privilege Escalation from on-prem to cloud
        • Privilege Escalation from cloud to on-prem
      • Module-3 : Defensive Evasion
        • Various Techniques on AWS, Azure & GCP
    • Part-4 : Lateral Movement
      • Module-1 : Lateral Movement from Cloud to on-premise
        • AWS, GCP, Azure to on-premise
      • Module-2 : Lateral Movement from on-prem to cloud
        • On-prem to AWS, GCP, Azure
      • Module-3 : Within Multi-Cloud
        • AWS, GCP, Azure to each other
    • Part-5 : Case Study
      • Red Teaming Hybrid Multi Cloud Environment in Simulated Lab (Initial Access to Data Exfiltration)

Lab Architecture:

To make the workshop hands-on in the real sense, all attendees will be provided with lab access to the Multi-Cloud Environment. The lab architecture is designed to cover, from both aspects, all the attacks demonstrated during the workshop sessions. We have a large simulated lab environment that has approx. 24 to 30 unique challenges, which will be available to attendees during and after class.

As mentioned, lab access will be provided for 7 more days with technical support.

Who should attend:

Targeted Audience may include the following group of people:

  • Penetration Testers / Red Teams
  • Cloud Security Professionals
  • Cloud Architects
  • SOC analysts
  • Threat Hunting Team
  • Last but not least, anyone who is interested in strengthening their offensive and detection capabilities in Cloud

Pre-requisite:

  • Fair Knowledge of Networking and Web Technology
  • An Open mind

* No prior Cloud knowledge is required.

Participants Requirements:

  • System with at least 8GB RAM
  • Updated Web Browser
  • Team will share updated documentation

What to expect:

  • Soft Copy of the Course Content.
  • Great Knowledge about the Offensive Cloud Techniques used by adversaries.
  • Defence Tactics & Techniques against the discussed offensive techniques.
  • 7 days full lab access with technical support during & after the workshop
  • Custom automated scripts to set up lab scenarios

What not to expect:

  • Be a Cloud Security Ninja after the workshop
  • 0-Day / exploit release

Speakers

Manish Gupta

CEO & Director, CyberWarFare Labs, India

Manish Gupta is Director of CyberWarFare Labs, with 6.5+ years of expertise in offensive Information Security, where he specializes in Red Teaming activities on enterprise environments. His research interests include Real World Cyber Attack Simulation and Advanced Persistent Threats (APT). Previously he has presented his research at reputed conferences like Blackhat USA, DEFCON, Nullcon, BSIDES Chapters, X33fcon and NorthSec, and at other corporate trainings.

Yash Bharadwaj

Co-Founder & Technical Architect, CyberWarFare Labs, India

Yash Bharadwaj, Co-Founder & Technical Architect at CyberWarFare Labs, has over 4.5 years of experience as a technologist and is highly attentive towards finding, learning and discovering new TTPs used during offensive engagements. His areas of interest include building Red / Blue team infrastructure, evading AVs & EDRs, pwning Active Directory infrastructure, stealth enterprise networks & multi-cloud attacks. Previously he has delivered hands-on red / blue / purple team trainings / talks / workshops at Nullcon, X33fCon, NorthSec, BSIDES Chapters, OWASP, CISO Platform and YASCON.


ORGANIZED BY

Information Security Research Association, Kerala Police

c0c0n @16

c0c0n is a 15-year-old platform that is aimed at providing opportunities to showcase, educate, understand and spread awareness on Information Security, data protection, and privacy...

Where & When?

Oct 04th to 07th 2023
Grand Hyatt, Kochi, India