Overview
This course explores the modern attacker mindset: how an adversary who has already compromised one account abuses weaknesses in the identity and access management (IAM) mechanisms of enterprise applications to reach their objectives. Learning outcomes include understanding modern enterprise architectures, analyzing target applications, using IAM "gadgets" for persistence, privilege escalation, and exfiltration, and evading the security tooling that monitors these mechanisms. The skills covered include SCIM (System for Cross-domain Identity Management) provisioning, attribute-based access control (ABAC) automation, and analyzing application environments. The format is a conference talk with a demonstration in an environment reproduced from a real-world organization. The intended audience includes cybersecurity professionals, AI researchers, and anyone interested in enterprise and identity security.
Syllabus
Intro
Once upon a time
SCIM provisioning
Real World Example
Automating access - ABAC
How to analyze a new app you need to target
Example analyzing GitHub
IAM Gadgets - Hiding access
IAM Gadgets - Exfiltration
Let's enumerate the access
Self Service to the rescue
Data links are free exfiltration tools
Takeaways
Taught by
Hack In The Box Security Conference