An Attacker's Approach to Pentesting IBM Cloud - fwd:cloudsec 2021

Posted by
Riyaz Walikar
on
September 14, 2021
· 2 min read

Background

The idea for the talk came when I was building CTF challenges for CloudVillage at DefCon this year. The idea was to create challenges in cloud platforms, other than the big 3, which would not only get the folks playing all riled up, but those who love to go the extra mile would figure out solutions reading the documentation and by poking around. It was then that I realised how little has been written about attacking IBM Cloud.

The talk is mostly me attempting to make sense of the documentation, poking around to see what the services do and see what parts could be attacked. The research is still ongoing and given that there is not a lot you can present in the 20 minutes during the conference, we have created a repository of things that everyone could add to.

An Attacker's Approach to Pentesting IBM Cloud - Repo and Slides

The GitHub repo is at - https://github.com/Kloudle/pentesting-ibm-cloud

Here are all the slides from the fwd:cloudsec 2021 conference presented virtually on 14th September 2021

https://github.com/Kloudle/pentesting-ibm-cloud/blob/master/an-attackers-approach-to-pentesting-ibm-cloud-fwdcloudsec2021-slides.pdf

What's Next

This post will be updated with a rundown of the slides and the video recording when it becomes available from the conference organisers.

More Articles

Kloudle is a BlackHat USA 2021 Sponsor
Posted by
Akash Mahajan
on
August 4, 2021

From being trainers at BlackHat to sponsoring at the conference. A bit about our journey in brief.

Read More
You do not want to miss these talks at Black Hat USA!
Posted by
Riyaz Walikar
on
August 3, 2021

A list of talks in the Cloud Security and Platform domain that we have added to our must watch list of talks as the sheer number of sessions at the Black Hat briefings can be overwhelming!

Read More
Authentication Bypass in Apache Airflow - CVE-2020-17526 and AWS Cloud Platform compromise
Posted by
Riyaz Walikar
on
June 22, 2021

An authentication bypass within Apache Airflow allowed an attacker to login as any user in the Airflow system. Post exploitation within the app, led to a full cloud account compromise on AWS.

Read More

Ready to give Kloudle a try?

We help you monitor and prevent any data breaches.

Let's Talk