WWHF @ Mile High 2025

As the world's largest cloud platform, Amazon Web Services (AWS) powers millions of applications and deployments, making it a common target for offensive security professionals. The complexity of AWS introduces a number of new attack surfaces, but actually exploiting them often requires niche knowledge or familiarity with arcane configurations. Navigating these nuances to identify and exploit vulnerabilities can be challenging, even for seasoned penetration testers.

In this talk, I'll share some of the things I wish I had known when I started pentesting AWS environments. We'll examine the AWS shared responsibility model and the pentester's role in it. We'll then cover the fundamentals of AWS Identity and Access Management (IAM), take a look at important classes of misconfigurations, and discuss important tradecraft for avoiding detection. Whether you're new to AWS penetration testing or an experienced cloud hacker seeking to deepen your expertise, this session will provide insights and practical skills applicable to real-world engagements.