OCLP

OffSec

Offensive Security Cloud Pentester

Advanced 48hr exam Pass: Passing $1,499

Cloud security assessment — AWS, Azure, GCP attack paths.

Official Page

IssuerOffSec

Format48hr exam

Duration48 hours

Pass ScorePassing

Valid For3y

Overview Syllabus (6) Tools (5) Cheat Sheets (1) Labs (1)

Recommended Tools

AWS CLI Essential

AWS

Official AWS command-line interface

installpip3 install awscli

usageaws sts get-caller-identity; aws iam list-users; aws s3 ls

CloudFox Essential

AWS

AWS situational awareness tool

installgo install github.com/BishopFox/cloudfox@latest

usagecloudfox aws --profile pentest all-checks

enumerate-iam Essential

AWS

Brute-force IAM permissions

installgit clone https://github.com/andresriancho/enumerate-iam

usagepython3 enumerate-iam.py --access-key AKIA... --secret-key ...

Pacu Essential

AWS

AWS exploitation framework

installgit clone https://github.com/RhinoSecurityLabs/pacu && pip3 install -r requirements.txt

usagepython3 pacu.py; run iam__enum_permissions

Az CLI Essential

Azure

Official Azure command-line interface

installpip3 install azure-cli

usageaz login; az account list; az role assignment list --all

AzureHound Essential

Azure

BloodHound collector for Azure

installgo install github.com/BloodHoundAD/AzureHound@latest

usageazurehound list -t tenantid -u user -p pass

ROADtools Essential

Azure

Azure AD exploration framework

installpip3 install roadrecon

usageroadrecon gather -u user -p pass; roadrecon gui

gcloud CLI Essential

GCP

Official GCP command-line interface

installsudo apt install google-cloud-sdk

usagegcloud auth login; gcloud projects list; gcloud iam service-accounts list

kubectl Essential

K8s

Kubernetes CLI

installsudo apt install kubectl

usagekubectl get pods -A; kubectl describe pod <name>

ScoutSuite Essential

Multi-Cloud

Multi-cloud security auditor

installpip3 install scoutsuite

usagescout aws --profile default; scout azure --cli