Join the Hack Smarter community: https://hacksmarter.org
--- In this video, I work through the "AWS IAM Initial Access" room on TryHackMe. We learn about several different vectors for attackers to gain initial access to an AWS environment. The primary mechanism of access in AWS is the credentials associated with the AWS IAM service. We cover the following scenarios:

1. Leaked Credentials
2. Phishing for Stacksets
3. SSRF to IMDS Instance Profile Credentials
4. Vulnerable Automation

Enjoy!
--------------
Rhino Security Labs Discord: https://discord.gg/z68UQyUD
Work Smarter Discord: https://discord.gg/work-smarter-956006303061393428
Twitch: https://hacksmarter.live/