Nebula - 4 Years and Still Kicking *aaS

Presented at DEF CON 33 (2025), Aug. 8, 2025, 2 p.m. (45 minutes).

Cloud penetration testing has become a hot topic in the offensive community, as cloud-based infrastructures have slowly been taking the place that on-prem ones used to have. This calls for a tool to help with it. Nebula is a cloud pentest framework that offers reconnaissance, enumeration, exploitation, and post-exploitation on AWS, Azure, and DigitalOcean and, above all, the opportunity to extend it even further. It is built modularly for each provider and each attack, allowing for diversity in attack surface. This, coupled with the client-server architecture, allows for a collaborative team assessment of a hybrid cloud environment.

Presenters:

  • Bleon "Gl4ssesbo1" Proko
    Bleon is an infosec professional passionate about infrastructure penetration testing and security, including Active Directory, cloud (AWS, Azure, GCP, Digital Ocean), hybrid infrastructures, as well as defense, detection, and threat hunting. He has presented topics related to cloud penetration testing and security at conferences like Black Hat USA, Europe, and Sector, DEF CON, SANS Pentest Hackfest Hollywood and Amsterdam, as well as several BSides in the USA and Europe. His research includes Nebula, a cloud penetration testing framework, and other blog posts, which you can also find on his blog: blog.pepperclipp.com. He is also the author of YetiHunter and DetentionDodger: github.com/permiso-io-tools. He is also the author of the upcoming book Deep Dive into Clouded Waters: An Overview in Digital Ocean's Pentest and Security: leanpub.com/deep-dive-into-clouded-waters-an-overview-in-digitaloceans-pentest-and-security.
