Breaching the Cloud

Breaching the Cloud is a hands-on training course focused on real-world attack paths in modern cloud environments. Students learn how to identify cloud-hosted assets, enumerate exposed services, and exploit common misconfigurations across major cloud platforms using a structured penetration testing methodology. The course walks through initial access, situational awareness, privilege escalation, persistence, and data exfiltration in cloud-native and SaaS environments, highlighting how cloud compromises differ fundamentally from traditional on-prem attacks. Emphasis is placed on practical techniques, open-source tooling, and attacker tradecraft that reflects how modern organizations are actually breached today.

This course provides comprehensive insights into cloud-based attack surfaces, a step-by-step methodology for compromising cloud environments, and practical guidance on leveraging open-source tools for effective cloud assessments.

Do you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform. In this training course, hacking concepts will be introduced for each of those services.

This training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization.

Post-compromise techniques of cloud infrastructure differ from the techniques used in typical on-premise environments. You will learn situational awareness techniques that ultimately will impact how you will escalate privileges in the cloud. With most cloud-based authentication being publicly exposed this presents new and interesting persistence techniques that are non-existent to on-premise environments. With productivity tools like G-Suite and Microsoft 365 many organizations are making their email and other data that is normally protected by a firewall available to remote employees. You will learn how to discover, pillage, and exfiltrate data from these services.

About the Speaker

Beau Bullock

Beau Bullock is the Director of Emerging Threats and Advanced Testing at Black Hills Information Security (BHIS), where he leads research and offensive testing focused on cloud security, identity abuse, and emerging attack techniques. He has been with BHIS since 2014 and brings over a decade of hands-on experience in penetration testing and security research.

Beau is an active contributor to the information security community through open-source tooling, technical writing, conference talks, webcasts, and by teaching his course Breaching the Cloud, which focuses on real-world attack paths across modern cloud environments. His work emphasizes practical tradecraft, attacker mindset, and helping defenders understand how small misconfigurations lead to large-scale compromise. Beau also writes music to hack to under the name NOBANDWIDTH.