Cloud Post exploitation techniques

Author(s): Andrew Johnson, Sacha Faust
Category: Exploit Research
Duration: 45
Summary: The cloud is new to many, including red teams, and traditional post-exploitation techniques and other common TTPs are sometimes inapplicable or different due to the lack of a domain environment and the limited surface. The Microsoft Cloud & Enterprise red team will demonstrate some of the post-exploitation and persistence vectors they develop and use, including but not limited to:

* Cloud Pivoting

* Cloud service remote code execution

* Integration of common toolkits, adapted to the cloud

* Service level and node persistence approaches

* Automated recon and data driven toolkit

* Indicators of monitoring/detection (IOD/M)

* Future exploration


The concepts here are extremely relevant, given the Cloud dominance! Cloud Pivoting and how common toolkits are adapted to cloud are currently tribal knowledge and need more sharing :)