Welcome to my personal repository of cloud security lab walkthroughs and writeups. This project is focused on practical, real-world challenges across a variety of platforms and services to help sharpen offensive cloud skills.
- PwnedLabs
AWS-based misconfiguration labs covering enumeration, credential abuse, and privilege escalation. - CloudGoat (Coming Soon)
Scenarios by Rhino Security Labs simulating vulnerable AWS environments. - flaws.cloud (Coming Soon)
Challenges designed to teach the fundamentals of AWS misconfigurations.
cloud-sec-writeups/
βββ pwnedlabs/
β βββ account-id-enum/
β β βββ writeup.md
β β βββ images/
β βββ breach-in-the-cloud/
β βββ writeup.md
β βββ images/
βββ README.md
nmap,aws cli,CloudTrailanalysis- IAM misconfiguration abuse
- S3 bucket enumeration & brute-forcing
- AssumeRole attacks
sparrowjumpy β A passionate learner building a career in cloud security. Follow my journey on GitHub for more writeups and lab notes.
All labs are used for educational purposes only in isolated, legal environments. Credentials, secrets, and access keys are redacted.
π‘ Star this repo to stay updated as new labs like CloudGoat and flaws.cloud are added.