AWS Fundamentals & Enumeration
15%
IAM, EC2, S3, Lambda, VPC concepts; AWS CLI enumeration methodology
IAM Privilege Escalation
20%
IAM policy analysis, PassRole abuse, CreateRole, AttachRolePolicy, iam:* permissions
EC2 & Metadata Attacks
15%
IMDSv1 credential theft, IMDSv2 bypass, SSRF to metadata, user-data secrets
S3 Security
15%
Bucket enumeration, public bucket data theft, bucket policy misconfigs, pre-signed URLs
Lambda & Serverless
10%
Lambda environment variable secrets, event injection, function URL abuse
Cross-Account Attacks
10%
Assume-role chains, resource-based policy abuse, external ID bypass
CloudTrail Evasion & Persistence
15%
Log evasion techniques, backdoor IAM users, access key rotation, event suppression