Home »
News
Learn PenTesting – Intro Challenge
Want to learn Cloud PenTesting? We have several challenges, at various levels, where you can test out your skills. Earn Points for Completing Challenges Compete Against Other Users Learn Blue Team and Red Team Tactics and Techniques New Challenges are… Read More »Learn PenTesting – Intro Challenge
4 CTF Cloud and Linux Security Challenges Now Open
9/20/22 – by Dave Garrett – PenTesting.Cloud, a free learning platform, has released their first 4 challenges. Utilize your Linux and Cloud Computing skills to exploit vulnerabilities in a lab environment. New challenges are released every two weeks. They are… Read More »4 CTF Cloud and Linux Security Challenges Now Open
S3 Challenge is Live
Introduction S3 and KMS are two services that go hand in hand when it comes to security. This challenge will create an S3 bucket where you will find a file containing the hash. This is an easy challenge. Click here… Read More »S3 Challenge is Live
Is there an echo in here?
Introduction This is a medium rated CloudFormation challenge. The title is a hint. Look at the CloudFormation template after running setup.sh to solve the challenge. The challenge exploits an “insecure feature” within CloudFormation. You can attempt this challenge here: https://pentesting.cloud/challenge/echo-in-here/
A Token of Gratitude
Introduction IMDSv2 added a lot of addition security to help prevent SSRF attacks and other attacks targeting the meta-data and temporary access keys within. But exactly how secure is it? IMDSv2 Challenge – Bypass the meta-data controls to obtain the… Read More »A Token of Gratitude