Skip to content

Pwned Labs Blog


The latest techniques in hacking and defending

Recent Articles

Red Team, AWS, s3

A new S3 namespace - and a new problem

AWS S3 has long suffered from the bucketsquatting problem. Because bucket names lived in a single global namespace,...
Read more
AWS, cloud security

Getting started with AWS Security

Many people want to know "how do I get started with AWS security?", and this blog post is for them. The pathway in this...
Read more
AWS, Bootcamps, Pwned Labs Experts

Meet your ACRTP Bootcamp instructor: Tyler Petty

From building military-grade networks to cloud security guardrails, Tyler's journey into cybersecurity has been...
Read more
Azure, Bootcamps, Pwned Labs Experts

Meet your MCRTP Bootcamp instructor: Filip Jodoin

We sat down with Filip Jodoin, Penetration Tester and Pwned Labs instructor, to find out more about his cybersecurity...
Read more
AWS, Blue Team

RansomWhen: The Hidden Risks of AWS KMS in Ransomware Attacks

Disclaimer: The information in this blog post is provided for educational and informational purposes only. We do not...
Read more
AWS, Blue Team

Defending Against the whoAMI Attack with AWS Declarative Policies

Cloud Security Researcher and Advocate, Seth Art, recently published the blog post whoAMI: A cloud image name confusion...
Read more
Azure, Red Team, Privilege Escalation, Lateral Movement

Climbing the Azure RBAC Ladder

Join us in this new blog post as we explore the various methods that threat actors commonly use to move laterally and...
Read more
AWS, Blue Team

Building Security Guardrails with AWS Resource Control Policies

AWS recently introduced Resource Control Policies (RCPs), powerful guardrails designed to enhance your organization’s...
Read more
Azure, Red Team, initial access

Mapping attack surface for Azure initial access

Join us in this blog post as we explore various methods that threat actors commonly use to gain initial access to Azure.
Read more
Red Team, GCP, cloud build

Exploiting GCP Cloud Build for Privilege Escalation

In this blog post, we will explore how to exploit Cloud Build to escalate privileges and achieve lateral movement in a...
Read more

Your security training ground


Experience, real-world, byte-sized cloud security labs for training cyber warriors. From beginners to pros, our engaging platform allows you to secure your defenses, ignite your career and stay ahead of threats.