c0c0n 2026

c0c0n is a 19 years old platform that is aimed at providing opportunities to showcase, educate, understand and spread awareness on Information Security, data protection, and privacy...

Venue & Date

Contact Us

Multi-Cloud Security (AWS, Azure, GCP) - AI Edition

c0c0n 3-Day Professional Training

Multi-Cloud Security (AWS, Azure, GCP) - AI Edition

Course Abstract:

This course will take any student and ensure that:
Modern enterprises depend on multi-cloud ecosystems (AWS, Azure, GCP) for identity, compute, and storage. But their complexity and constant evolution often create misconfigurations that attackers exploit as primary initial-access vectors.

This training delivers advanced, real-world offensive training focused on these weaknesses. This edition integrates AI-assisted access techniques, showing how adversaries use AI to discover exposed services, generate valid API calls, automate identity reconnaissance, and identify privilege escalation paths across cloud providers.

Trainees learn how elite Red Teams perform post-exploitation pivoting, privilege escalation, and lateral movement in hybrid, interconnected cloud environments and how AI accelerates each stage. The training equips you with the skills to identify and remediate critical vulnerabilities in complex enterprise deployments.

Module wise division of the 3 Day Hands-on workshop:
Cloud Offensive Operations lifecycle
  • Offensive Security Lifecycle
  • Open-source tooling & custom scripts
  • Red Team Operation Objectives
  • AI Services in Cloud Environments
Cloud Red Team Infrastructure Initialization
  • Authenticating via Cloud CLI
  • Defining Scope & Rules of Engagement
  • Initial Access to Cloud Infrastructure
    • Leaked cloud credentials
      • Git Repositories
      • Configuration Files
      • Program Binaries / Scripts etc
    • Illicit Consent Grant Attacks
    • Device code phishing (AWS Identity Center & Azure)
    • Vulnerable GKE nodes
Attacking- AWS Cloud
  • Enterprise Red Team Cycle in AWS Cloud
  • Identify & Exploiting Mis-configurations
  • Abuse metadata service
  • Abusing roles IAM , policies for privilege escalation & persistence
  • Leveraging lambda service for privilege escalation
  • Data Exfiltration from S3, STS & Secret Manager etc
  • Gain Access to Bedrock & SageMaker Service
  • Azure & GCP Lateral movement Scenarios
Attacking- Azure Cloud
  • IMP Azure Endpoints
    • Azure Resource Manager (Azure RBAC roles & REST APIs)
    • Entra ID (Graph App roles / delegated permissions & MS Graph API)
    • Microsoft 365 (Microsoft Graph API + Service-specific APIs)
  • Enterprise Red Team Cycle in Azure Cloud
  • Enumeration of tenant Azure Cloud
  • Leveraging Entra ID & excessive RBAC permissions for privilege escalation & persistence
  • Gain Access to Azure Cognitive AI Services
  • Abusing & stealing tokens from ML Pipeline
  • Lateral Movement from Cloud to On-Premise
    • Abusing Microsoft Intune
    • Azure ARC Exploitation
Attacking- GCP Cloud
  • Enterprise Red Team Cycle in GCP
  • Enumerating & Exploiting Google Kubernetes Services
  • Privilege Escalation by exploiting mis-configured OAuth & IAM
  • Persistence Access by Temporary / Permanent Access Token
  • Exfiltrating Secrets from GCP KMS
  • Gain Access to GCP Vertex AI Service
Multi-Cloud Hacking CTF
  • A 2 hours hands-on CTF will be conducted on last day, top 3 winners will receive 1 Year Infinity Subscription

NOTE :

  • Students will use RedCloud OS entirely for 3 days.
  • The lab infrastructure will be provided by CW Labs. The labs will be accessible for 30 days post training.
  • CWL team will provide study material, labs and custom tools.
Why should people attend your cours

A laptop with the following specifications:

  • Master Enterprise Red Team Methodology in Multi-Cloud (AWS/Azure/GCP).
  • Execute full Red Team Attack Cycle in simulated enterprise environments.
  • Perform Stealthy Lateral Movement across clouds
  • Advanced Core Services Mapping/Enumeration/Exploitation.
  • Master Advanced Privilege Escalation & Persistence via cloud IAM flaws.

Student Requirements

  • Fair Knowledge of Networking / Web / API Technology
  • Familiarity with CLI
  • An Open Mind :)

Who should attend

Targeted Audience may include the following group of people:

  • Penetration Testers / Red Teams
  • Cloud Security Professionals
  • Cloud Architects
  • SOC analysts
  • Threat Hunting Team
  • Last but not the least, anyone who is interested in strengthening their offensive and detection capabilities in Cloud

How many years of practical experience would the ideal student have to get most out of this training?

  • Minimum 3-4 years in Penetration Testing Domain.

What Students Should Bring?

  • System with at least 16GB RAM having VMWare Workstation PRO 25H2 installed
  • Updated Web Browser
  • CWL RedCloud VM With Internet Connectivity

What Students Will Be Provided With

  • Soft Copy of the Course Content.
  • 15 Days Lab Access
  • Great Knowledge about the Offensive Cloud Techniques used by adversaries.
  • Defense Tactics & Techniques against the discussed offensive techniques.

Trainer(s)

Manish Gupta

Manish Gupta

CEO
CyberWarFare Labs

Parth Agarwal

Parth Agarwal

Security Researcher
CyberWarFare Labs

Training Information

  • Duration 3 Day Training
  • Dates 6th Oct, 2026 to 8th Oct, 2026
  • Time 09:30 IST - 17:30 IST
  • Venue Grand Hyatt, Bolgatty, Kochi, Kerala

Trainings

Oct 6–8 Pre-Conference
T1
Hook, Line, and Sinker: Exploring the Phishing Abyss
T2
Applied Infrastructure Security Assessment
T3
Creating Custom Tooling for Offensive Security after 2025 - Beyond Autopilot Pentesting
T4
Operational Open Source Intelligence (OSINT), From Online Data to Real-World Impact.
T5
AI Security Engineering Masterclass
T6
Practical AI Security: Attacking and Defending LLMs, Agents and MCP
T7
Practical Fuzzing: A Hands-On Learning Experience for Uncovering Vulnerabilities on Linux
T8
Attacking and Defending GitHub CI CD Pipelines
T9
Threat Tradecraft: Infrastructure Hunting & Malware Analysis
T10
Telecom Network Exploitation: Pentesting Across 4G/5G Stacks
T11
Hacking Android, iOS and IoT apps by Example - 2026 Edition
T12
Multi-Cloud Security (AWS, Azure, GCP) - AI Edition
T13
Red Team: Identity Exploitation & Nation-State Implant Tradecraft
T20
Invite Only (For Law Enforcement)
Oct 11–13 Post-Conference
T14
Hack the IoT
T15
Automotive Security in Practice: Exploitation, Risk Assessment & CAN IDS!
T16
HuntOps: From Telemetry to Adversary Detection
T17
HackTheWeb: Pentest Smarter with AI
T18
Weaponizing Defense: Attacking Windows 11 Kiosks Using Enterprise Hardening Solutions
T19
The Art of Finding Bugs: Advanced Techniques in Vulnerability & 0-Day Research

Register Now