Pentesting AWS Environments with Pacu, CloudGoat, and ChatGPT

Learn hands-on how to exploit AWS cloud misconfigurations and build practical skills with step-by-step walkthroughs, labs, and CTFs. This course uses and teaches 4 primary tools:

  • CloudGoat
  • Pacu
  • ChatGPT

CloudGoat enables you to deploy vulnerable-by-design AWS scenarios in your own environments, although we will be providing a couple of those scenarios as 1-click deploy 🧪 Cybr Hands-On Labs if you would rather not use your own environments. Not all of the scenarios will be available with our labs due to how vulnerable they are.

In addition to using the AWS command line interface (CLI), we’ll be using a cloud penetration testing tool called Pacu.

We will also be using ChatGPT by having it craft payloads, troubleshoot for us, and overall help us speed up and be more effective.

This course is primarily for individuals who want to perform security assessments of AWS environments and resources, or who want to learn what to do once they’ve gained access to a set of limited AWS credentials. There are a couple of scenarios that show how to gain initial access to credentials through misconfigurations, but this course is mostly focused on helping you find privilege escalation paths.

Christophe · August 14, 2023

What makes this course different

💎 Production quality: We’ve been developing cloud and security training material for over 7 years and have taught hundreds of thousands of IT professionals all the way from individuals to Fortune 500 companies. Our production quality is top-notch and not only reflects expert experience but focuses on building practical skills with interactive diagrams, realistic lab scenarios, and other interactive elements.

🗺️ Scenario and Practical-based: This course is 95%+ hands-on. We learn how to set up our tools to get started, and then we learn how to deploy CloudGoat AWS labs. We use those labs to learn hands-on by hacking actual environments. This isn’t a theoretical course, it’s fully practical.

🧪 Hands-On and Lab-based: Every practical step we take in the course can be completed in your very own AWS account, and we’ve added Cybr Hands-On Labs for some of the scenarios if you’d rather use our accounts instead of yours to make setup easier and not worry about costs. We do inform you beforehand if there are any resources that will cost money so you can decide whether you want to complete those labs/steps or not.

About the author

This course was created, developed, and published by Christophe Limpalair. Christophe is the founder and an author at Cybr, where he’s published many courses on topics of ethical hacking. You may also know him from Linux Academy / ACloudGuru, where he taught multiple AWS courses including associate and professional-level AWS certification courses, and helped tens of thousands of learners get certified. He also helped pioneer, develop, maintain, and secure Linux Academy’s cloud Hands-On Labs and Assessments technology which ran as a $1m budget on AWS.

Christophe has 7+ years of experience working in AWS and building as well as securing production environments. He shares that experience in this course to help you get started learning how to secure AWS resources and environments.


  • Latest update: October 2023

Course Content


Setting up our lab environment
Getting started with Pacu
IAM Privilege Escalation by Misconfiguration (Small / Easy)
Vulnerable Lambda (Small / Easy)
IAM Privilege Escalation by Rollback (Small / Easy)
Cloud Breach via S3 (Small / Moderate)
ECS Takeover (Medium / Moderate)
Wrap-up and Key Takeaways

About Instructor


18 Courses

Not Enrolled

Course Includes

  • 40 Lessons