whoami
Hey, I'm Tyler!
I'm a cyber security engineer with a decade of experience spanning numerous environments in technical and leadership roles.
I've always been passionate about my work and believe in giving back and sharing that knowledge. This blog is a side project where I share my insights and things I've learned from others. It's also become a handy "second brain" for me!
Connect with Me!
Feel free to connect with me on LinkedIn
Projects and Community Involvement
Instructor @ Pwned Labs
In my spare time I teach the Pwned Labs Amazon Cloud Attack & Defense Bootcamp alongside cofounder Ian Austin.
This is a live 4-week professional bootcamp teaching modern AWS attack and defense tradecraft used in real-world breaches and cloud security engagements. We work through hands-on assume-breach scenarios to compromise, audit, and defend AWS environments across identity, compute, and infrastructure services. At the end of the bootcamp, students will be prepared to demonstrate their skills in a 24 hour fully hands-on certification exam. Successful completion of the exam provides students with the Pwned Labs Amazon Cloud Red Team Professional (ACRTP) certification.
Content Creator
My YouTube channel
Cyber ranges, labs, courses, and more I've created myself or with others
Pwned Labs
Electra is a multi-AWS account red team cyber range that I helped create with the team at Pwned Labs. It features a realistic enterprise environment requiring users to perform exploits and attack paths against common AWS services to achieve all 9 flags.
Pwned Labs
Get hands-on in navigating and exploiting real-world cloud vulnerabilities. You'll begin with ReadOnly access to an AWS account, uncover a misconfigured GitLab Identity Provider Trust Policy, exploit it, and ultimately compromise the account.
Pwned Labs
Get hands-on with Prowler, an open-source cloud security tool, to scan an AWS environment for misconfigurations. You'll learn how to centralize findings in AWS Security Hub and set up automated remediation workflows using AWS EventBridge and Lambda functions.
Pwned Labs
Abuse the GitLab OIDC Identity Provider to gain access to and compromise an AWS account.
Pwned Labs
Leverage AWS Resource Control Policies (RCPs) to protect your AWS resources from external threats.
Pwned Labs
Leverage AWS Declarative Policies to prevent the whoAMI attack and better control the use of AMIs in your AWS environment
Cybr
This is a course I built and collaborated on with Christophe Limpalair from Cybr.com.
Together, we've crafted a comprehensive, hands-on learning experience. I developed the core technical content and lab scenarios, while Christophe enhanced the course with video lessons and contributed additional technical topics to provide a well-rounded learning experience.
Cybr
In this lab, we'll get hands-on experience using a KMS Customer Managed Key (CMK) and symmetric encryption to encrypt and decrypt data. We'll learn how to perform these functions with the AWS CLI and the AWS Encryption SDK and how to manage data keys for data larger than 4096 bytes.
Cybr
Securely connect to your EC2 instances with AWS Systems Manager Session Manager. Session Manager lets you manage your Amazon EC2 instances through an interactive one-click browser-based shell or through the AWS CLI. After the session is started, you can run bash commands as you would through any other connection type, effectively replacing the need to SSH into instances. For added security, we can enable KMS session encryption with a customer managed key.
Cybr
Learn how to create and configure a static S3 website using only Terraform. This lab does not grant access to the AWS console, encouraging both least privilege and using Infrastructure as Code (IaC) to manage cloud infrastructure instead of ClickOps.
Last updated