Cloud-based Projects

Projects

A collection of projects focusing on deploying cloud resources, exploiting vulnerable cloud resources, securing cloud infrastructure. These projects cover various aspects of cloud security, including IAM, Azure Firewall, S3, CDN(e.g. Cloudfront configuration), EC2, Security Groups, ACLs, Microsoft Defender for Cloud and more.

1. Website Deployment

Succesfully deployed this portfolio website using AWS S3 bucket, AWS Certificate Manager, AWS Cloudfront and used Cloudflare for DNS management

2. Cloud Security: AWS IAM Privilege Escalation

Starting with a highly-limited IAM user, I reviewed previous IAM policy versions and restored one which allows full admin privileges, resulting in a privilege escalation exploit.

3. Cloud security: AWS FLAWS

Exploiting S3 buckets and IAM Misconfigurations, exposing unencrypted EBS snapshots and secrets due to misconfigured permissions, creating significant security risks

4. Cloud Security: AWS Vulnerable Lambda Functions

Exploiting vulnerable AWS Lambda function with excessive permissions leading to privilege escalation hence creating a security risk.

5. Network Security Groups and Application Security Groups

Creating a virtual network with a subnet, configure application security groups to organize resources and implementing a network security group to manage access.

6. Cloud Security: Azure Firewall Configuration

Deploying and configuring an Azure Firewall to secure network traffic and manage access within an Azure environment

7. Cloud Security: Microsoft Sentinel

Microsoft Sentinel-based threat detection and response by integrating data from Azure Activity and Microsoft Defender for Cloud, configuring alerts, and automating incident responses with Playbooks.

8. Cloud Security: Azure Monitor

Deploy an Azure VM, create a Log Analytics workspace, Azure storage account, data collection rule to collect events and performance counters from virtual machines with Azure Monitor Agent.

9. Cloud Security: Key Vault

Creating a proof-of-concept application that makes use of the Azure SQL Database support for Always Encrypted functionalit.

10. Microsoft Defender for Cloud

Configuring Microsoft Defender for Cloud to monitor a virtual machine and implementing recommendations for guest configuration and Just-in-time VM access.

11. SCCM Installation in Azure

Created a Resouce Group, Virtual Network, Network Security Group, deployed two Vitual Machines with Active Directory, SQL Server and joined the two Virtual Machine to the Domain

12. SCCM Installation in Oracle Cloud

Step-by-step SCCM deployment in Oracle Cloud, covering VCN, Security Lists, Virtual Machines with AD, SQL Server, SCCM setup, and client management for enterprise-level IT infrastructure automation.