Cybersecurity Research & Training Company

Cyfinoid Research conducts cutting-edge cybersecurity research and turns our findings into hands-on training. Our mission is to spark curiosity, share knowledge, and help others make meaningful contributions to the field.

Research Featured At BlackHat, DEFCON, Nullcon, c0c0n, and other major conferences.

Trusted by 1000+ companies for Security Training & Research.
From startups to Fortune 500s.

Security Research Areas

Focused, original, and deeply technical — our research is designed to challenge assumptions and push boundaries.

Android

We are dedicated to exploring and addressing the various security challenges presented by Android, and developing solutions and strategies that can effectively protect against potential threats.

Software Supply Chain

We explore risks in modern software delivery pipelines, from dependency confusion to build system tampering.
Our research helps attack & secure the links that bind today’s digital infrastructure.

Cloud Environments

We investigate threats, misconfigurations, and abuse patterns in cloud-native environments across AWS, GCP, Azure, and DigitalOcean, with a focus on securing multi-tenant setups, ephemeral workloads, and IaC.

Security Trainings

Our trainings are driven by ongoing research. As our findings evolve, so does the curriculum, ensuring fresh, relevant, and practical content.

Upcoming Trainings

Hacking Multi-Cloud Infrastructure

This training takes a hands-on, attacker-first approach to modern cloud environments across AWS, GCP, DigitalOcean, and Alibaba Cloud. While traditional techniques focus on shells and endpoints, this course shifts perspective to real-world cloud abuse paths—where misconfigurations, privilege escalations, and service interactions can cause far more damage. Through scenario-driven labs and case studies, participants will learn to enumerate, exploit, and pivot within and across cloud providers using native tools and real-world tactics. Ideal for red teamers, pentesters, and cloud defenders who want to think like an attacker and secure modern infrastructure effectively.

Key topics include:

  • Enumerating cloud assets (S3 buckets, IAM roles, Spaces, OSS) without credentials
  • Abusing SSRF and IMDSv2 for privilege escalation
  • IAM exploitation on AWS, GCP, and Alibaba Cloud
  • Escaping GKE clusters and impersonating service accounts on Google Cloud
  • Attacking DigitalOcean Spaces and ECS instances
  • Exploiting triggers and misconfigurations in AWS Lambda and lesser-known services
  • Multi-cloud pivoting and lateral movement using native APIs
  • Real-world breach simulations and pentest-inspired cloud lab scenarios

Students will gain repeatable methodologies, guided labs, and post-training resources to practice cloud offensive techniques in a safe environment.

Attack & Defend Software Supply Chain

This two-day course provides a comprehensive, hands-on exploration of software supply chain security—covering both attack and defense. On Day 1, participants adopt the attacker’s mindset to exploit vulnerabilities across code repositories, developer environments, CI/CD pipelines, and package managers. Day 2 shifts focus to defenses, mapping real threats to frameworks like SLSA and NIST SSDF while implementing practical safeguards such as SCA tools, SBOMs, provenance verification, and runtime security. Designed for developers, security engineers, and IT leaders alike, the course blends real-world case studies, demos, and labs to equip you with actionable skills for securing the full software delivery lifecycle.

Key topics include:

  • Attacking VS Code, IDE/browser extensions, Git misconfigurations, CI/CD, and package ecosystems
  • Creating malicious dependencies and exploiting deployment systems (e.g., GitHub Actions, ArgoCD)
  • Cloud & Kubernetes attack paths: IAM abuse, misconfigured images, insecure defaults
  • Defense strategies based on SLSA, NIST SSDF, and governance-first models
  • Generating and managing SBOMs, securing provenance, cloud audits, and runtime protection
  • Role-based responsibilities, breach response, and infrastructure setup for red/blue team practice

Each module includes hands-on labs, real-world attack simulations, and post-training resources to continue your learning journey.

Attacking CI/CD Pipelines

This course focuses on the offensive side of CI/CD security, helping participants understand and exploit modern continuous integration and delivery systems. As enterprises rapidly adopt CI/CD for faster deployments, insecure defaults and overlooked attack surfaces have made them prime targets. The training walks through core concepts, architecture, and real-world threats—covering both self-hosted and SaaS-based platforms like GitHub, GitLab, Jenkins, and Gitea. The course culminates in a hands-on CTF challenge where learners attack a vulnerable CI/CD environment.

Key topics include:

  • CI/CD fundamentals, architecture, and role in SDLC
  • Common attack vectors and real-world CI/CD breaches
  • Platform-specific attacks:
    • GitHub: Context injection, workflow tampering, secrets leakage, and malicious actions
    • Jenkins: Script console abuse, plugin exploits, build artifact tampering
    • GitLab CI: Runner exploitation, pipeline manipulation, insecure defaults
  • Cloud-native CI/CD misconfigurations and IAM flaws
  • Using CI/CD systems for persistence, stealth, and C2

Students gain hands-on experience through labs and a live CTF to reinforce exploitation techniques in realistic enterprise setups.

Attack & Defend Android Applications

This course provides security engineers and penetration testers with a methodical, hands-on approach to assessing and securing Android applications. Blending both offensive and defensive techniques, it covers real-world threats, analysis methods, and secure development practices across modern Android ecosystems, including hybrid frameworks like React Native and Flutter.

Key topics include:

  • Traffic interception (HTTP/HTTPS/WebSocket/non-HTTP)
  • Root detection bypass techniques
  • Static and dynamic analysis using tools like Frida and Magisk
  • Assessing non-Java/Kotlin apps (React Native, Flutter)
  • Application threat modeling and vulnerability identification
  • Integrating security into CI/CD pipelines
  • Centralized result analysis and prioritization

Students receive access to cloud labs, slides, detailed answer sheets, and AMIs for continued learning post-training.
