Skip to main content

csf-resources

Cloud Security Fundamentals Resources

Beginner Resources for Junior Engineers

Resource TypeTitleDescriptionLink
VideosCloud Security ConceptsFree YouTube playlist covering cloud security basicsYouTube - Cloud Security Concepts
ReadingCloud Security Best PracticesFree eBook covering security fundamentalsSnyk - Cloud Security 101
InteractiveTryHackMeCloud security rooms with step-by-step learningTryHackMe - Cloud Security
ReferenceCloud Security AllianceFundamentals and reference documentationCSA - Guidance
WorkshopAWS Well-Architected SecurityPractical security guidance from AWSAWS Well-Architected Security Workshop
WorkshopAzure Security LabHands-on Azure security workshopAzure Security Lab
GuideA Guide to CloudStudy guides for cloud platformsA Guide to Cloud

General Resources

Cloud PlatformTitleDescription
AWS, Azure & GCPHacking The CloudHacking the cloud is an encyclopedia of the attacks/tactics/techniques that are common in cloud exploitation.
AWS, Azure, GCP, IBM, & DOHackTricks CloudA resource for hacking CI/CD pipelines and cloud environments. Useful for both red and blue teams.
AWSCloud GoatCloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool that lets you hone your cloud cybersecurity skills through several "capture-the-flag" style scenarios.
AWSSadcloudSadcloud is a tool for spinning up insecure AWS infrastructure with Terraform, allowing you to test your AWS security knowledge.
AWSAWS Well-Architected Labs: SecurityDocumentation and hands-on labs that help you learn, measure, and build using best architectural security practices.
AWSAttack Detection FundamentalsA three-part series exploring an end-to-end kill chain in AWS and its log entries for detection & analysis.
AzureAttack Detection FundamentalsA three-part series exploring an end-to-end kill chain in Azure and its log entries for detection & analysis.
AzureCONVEXCloud Open-source Network Vulnerability Exploitation eXperience (CONVEX) spins up Capture The Flag environments in your Azure tenant for you to explore.
AzureSecuring Azure Infrastructure - Hands on Lab GuideA hands-on guide to securing Azure infrastructure using various Azure security controls.
AzureAzure Security TechnologiesVarious lab scenarios covering Azure security.
AzureCreate an Azure Vulnerable LabA four-part series explaining Azure vulnerabilities.
AzureAzure GoatAzureGoat: A Damn Vulnerable Azure Infrastructure.
AzurePurple CloudA tool to experiment with Azure Identity and create an Azure Active Directory lab environment.

Guided Learning Paths

ProviderTitleDescriptionLink
AWSSecurity Learning PathFree official security learning pathAWS Skill Builder - Security
AzureMicrosoft Learn - SecurityFree structured learning modulesMicrosoft Learn - Security
GCPGoogle Cloud SecurityFree security path by GoogleGoogle Cloud Skills Boost

Online CTFs & Labs

AWS

Cloud PlatformTitleDescription
AWSFlaws.CloudThrough a series of levels you'll learn about common mistakes and gotchas when using Amazon Web Services (AWS).
AWSFlaws2.CloudSimilar to the original Flaws.Cloud Challenge, this tutorial teaches you AWS security concepts from both an offensive and defensive perspective.
AWSIdentify AWS Account ID from Public S3 BucketLearn how to find the AWS account ID from any public S3 bucket - essential for understanding S3 security.
AWSLoot Public EBS SnapshotsIdentify sensitive resources that a company has accidentally shared publicly - demonstrates EBS security issues.
AWSAWS IAM Enumeration IntroLearn to enumerate permissions in AWS IAM - fundamental skill for cloud security assessment.
AWSAWS S3 Enumeration BasicsExplore misconfigurations and overly permissive settings in S3 - common source of cloud breaches.
AWSSSRF to Pwned (EC2 Metadata)Replicate a real-world breach involving EC2 instance metadata - critical for understanding IMDS vulnerabilities.
AWSIdentify IAM Breaches with CloudTrail and AthenaDetect malicious behavior and potential IAM breaches - essential for cloud security monitoring.
AWSPillage Exposed RDS InstancesHighlight risks of leaving an RDS database exposed to the internet - demonstrates database security best practices.

Azure

Cloud PlatformTitleDescription
AzureMicrosoft Security Best PracticesComprehensive guide for securing Azure workloads
AzureMicrosoft Learn: Security ModuleFree learning path for Azure security fundamentals
AzureMicrosoft Azure Security Engineer Learning PathFree resources for learning Azure security engineering
AzureAzure Security DocumentationOfficial documentation with security guidance
AzureMicrosoft Security Response Center BlogSecurity updates and guidance from Microsoft
AzureMicrosoft Azure Security BenchmarkFramework for Azure security best practices

GCP

Cloud PlatformTitleDescription
GCPGoogle Cloud Skills BoostThe official cloud training resource from Google Cloud
GCPGCP Security Best PracticesFree documentation on enterprise security best practices
GCPSecurity BlueprintComprehensive guide for GCP security architecture
GCPGoogle Cloud Security PodcastRegular episodes on cloud security topics
GCPGoogle Cloud Security DocumentationOfficial security documentation with walkthroughs
GCPGoogle Cloud Security WhitepaperFree detailed whitepaper on security foundations
GCPCloud Security Command Center TutorialsSelf-guided setup for GCP security monitoring

Self-Hosted CTFs & Labs

AWS

Azure

GCP

Cloud PlatformTitleDescription
GCPGCP GOATGCP-Goat is an intentionally vulnerable GCP environment to learn and practice GCP security.
GCPThunderCTFThunder CTF allows players to practice attacking vulnerable cloud projects on Google Cloud Platform by exploiting deployments to reveal a "secret" integer.