Skip to main content
Room Banner
Back to all walkthroughs
Room Icon

AWS S3 - Attack and Defense

Premium room

An overview of security features and common attacks for the AWS S3 service.

medium

90 min

430

User profile photo.
User profile photo.

To access material, start machines and answer questions login.

 - A Versatile Service 

helped set  apart as a powerhouse in cloud computing. Being able to arbitrarily scale data storage and use it in interactions across services has meant that is deeply entangled in how almost all organizations use . However, that power doesn't come without its own weaknesses - is one of the most commonly abused services in . During this room, you will learn key capabilities and attack surfaces of .

Learning Objectives

Students will learn basic concepts, such as:

  • buckets
  • objects
  • ACLs
  • bucket policies

Students will learn about common security issues related to public buckets and how buckets are used in automation. Finally, students will use this knowledge to attack an bucket, exfiltrating data and using the data to further compromise an organization.

Answer the questions below
Let's get started!