back to top

UC – AWS Security

By Carlos Polop
7192

AWS secures the physical data centers and hypervisors, but customers own the identity, configuration, encryption, and monitoring layers. Mastering this sharedโ€‘responsibility model means designing least privilege on day one, isolating workloads by account, and wiring continuous detection so every drift or rogue API call is caught, before it becomes tomorrowโ€™s headline. Bottom line… most of AWS Security is up to YOU!

The goal for this Free Upskill Challenge by Carlos Polop of HackTricks is to:

  • Inspire you to learn even more far beyond the 20 – 30 minutes of this UC.
  • Give you an introduction to the basics and best-practices for securing your AWS environment.
  • Show you some actions you can take immediately to reduce your attack surface.

Price = FREE!

Upskill Now! >

Whatโ€™s an Upskill Challenge (UC)?

A UC is a CTF-style, bite-sized lesson from the JHT Team, our courseware developers as well as โ€œfriendsโ€ of JHT. They are meant to be short and to the point. UCs focus on a single tool or concept and are helpful in quickly providing useful skills that might be prerequisites for other types of educational content on the platform.

A UC should be 10 โ€“ 30 minutes of student time and have no VMs. There are quizzes to make sure that the content is understood.

Prerequisites for “UC – AWS Security”

UCs assume no knowledge at all! Theyโ€™re meant to be completely self-contained, so all of the answers are in the lesson. No outside research is required.

Upskill Now! >
Just Hacking Training (JHT) - Carlos Polop

Carlos Polop

Carlos Polop has a degree in Telecommunications Engineering with a Master in Cybersecurity. He has worked mainly as Penetration Tester and Red Teamer for several companies and has several relevant certifications in the field of cybersecurity such as OSCP, OSWE, CRTP, eMAPT, eWPTXv2, OSMR, ARTE, GRTE, AzRTE, et al. He was captain of the Spanish team in the ECSC2021, member of Team Europe for the ICSC2022 and trainer of the Team Europe in 2024&25. And he has spoken at several international conferences such as DEFCON31. is an experienced penetration tester, red teamer and programmer. Since he started learning cybersecurity, he has tried to share his knowledge with the InfoSec community by publishing open-source tools such as PEASS-ng – Privilege Escalation Awesome Scripts SUITE new generation. He is also the author of HackTricks, the popular online publication that anyone can consult (https://book.hacktricks.xyz/ clickable link above).

Just Hacking Training (JHT) - Heart Logo
Affordable Hands-On Cybersecurity Training from Co-Founder John Hammond & 30+ All-Stars
Browse Entire CatalogBrowse Entire Catalog

Dark Web 2 is Here!

Bring your hoodie & hacker mindset to DW2 - CTI Researcher (20% Off)
Get 25% Off DW 1 & 2 (Bundle)

WMD 6 Not Quite Ready

Our delay is your benefit. Deals still live!
WMD 1 = $40, WMD Intro Path (1-3) = 46% Off

Recent Releases

- WMD 5, SIEMless Threat Hunting
- 2 New Bundles 50% Off 7 CTFs, 75% Off 7 HALs
- Blogs: Brief History of ConDef Ecosystem,ย  ConDef MCP โ€“ Meet Your AI Teaching Asst, Blue Team Training Roadmap
- Free UCs: Home Lab, Nmap, PowerShell

Top Picks

The Mishaal Bundle, ConDef 2026, API Hacking, Phishing

Courses In Production

WMD 6, WebApp Pentest, Network Pentest, Deception, OS Hardening, Hardware Hacking 101...

Explore Ways to Learn

Affordable Education

Taught by Experienced Practitioners

Just Hacking Sizzle Reel