New CTF Pack: Cloud Forensics - Essentials
Cloud Forensics - Essentials is a CTF pack designed for aspiring cloud security analysts, incident responders, and security engineers seeking practical experience in investigating cloud intrusions across AWS, Azure, and GCP.
Across 10 beginner-to-intermediate scenarios, players reconstruct cloud attack chains using real forensic artifacts from AWS, Azure, and GCP. The pack covers exposed secrets, SSRF-driven privilege escalation, device-code phishing, and Lambda pivots into IoT infrastructure.
By completing this pack, participants can evaluate and benchmark key cloud forensics skills in:
- Investigating credential exposure, leaked tokens, and cloud misconfigurations.
- Analyzing CloudTrail, Azure Monitor, GCP Cloud Audit Logs, and Entra ID sign-in data.
- Correlating storage, identity, and service logs to reconstruct attacker activity.
- Tracing lateral movement through temporary credentials and OAuth token abuse.
- Interpreting infrastructure and IoT telemetry to follow complex attack paths.
