PwnKata
Start drilling free
Home Cloud Security
Topic · 1 live drill

Cloud Security

Cloud credential-exposure drills using simulated provider metadata APIs, no real cloud account required.

So much of cloud attack surface comes down to one move: reaching the instance metadata service and walking off with temporary credentials. From there, an SSRF or a foothold on a workload becomes account access. It's a primitive worth having in reflex memory.

PwnKata drills it safely against self-contained simulations of AWS, GCP, and Azure metadata flows — no real cloud account, no real keys, no risk. The endpoints and credential shapes vary per rep so you practice the technique itself, ready to apply it the moment a real target exposes the path.

Cloud Live

IMDS Credential Theft

Metadata services expose temporary credentials to workloads. Drill retrieving them and proving access without touching a real cloud account.

medium

Start drilling cloud security

Free to start — live isolated targets, a fresh variant every rep.

Start drilling

Other topics

Linux Privilege Escalation

Build reflexes for the most common way to go from a shell to root on Linux. Each technique is its own repeatable drill on a real, throwaway box.

Explore

Web Exploitation

Web attack fundamentals, isolated into single-technique drills you can run until they're automatic.

Explore

Windows Privilege Escalation

Real Windows local-privesc reps backed by disposable VM targets, not Linux simulations.

Explore

Active Directory

AD attack primitives, reduced to focused reps with simulated LDAP and Kerberos services inside the isolated target.

Explore

Network Services

Service enumeration drills that teach the workflow: discover access, walk useful data, and prove impact.

Explore