S3CredentialsHunt is a blue team lab in the Cloud Forensics category that covers the following subjects: jq, Linux Command Line Tools, Persistence, Privilege Escalation, Defense Evasion, and Collection.
Learning Objectives
Analyze AWS CloudTrail logs with `jq` to reconstruct attacker TTPs, identify privilege escalation, and detect persistence mechanisms within a compromised cloud environment.