# whoami ## Hey, I'm Tyler! I'm a cyber security engineer with a decade of experience spanning numerous environments in technical and leadership roles. I've always been passionate about my work and believe in giving back and sharing that knowledge. This blog is a side project where I share my insights and things I've learned from others. It's also become a handy "second brain" for me! ### Connect with Me! Feel free to connect with me on [LinkedIn](https://www.linkedin.com/in/typetty/) *** ## Projects and Community Involvement ### Instructor @ Pwned Labs In my spare time I teach the [Pwned Labs Amazon Cloud Attack & Defense Bootcamp](https://bootcamps.pwnedlabs.io/placrtp-bootcamp) alongside cofounder Ian Austin. This is a live 4-week professional bootcamp teaching modern AWS attack and defense tradecraft used in real-world breaches and cloud security engagements. We work through hands-on assume-breach scenarios to compromise, audit, and defend AWS environments across identity, compute, and infrastructure services. At the end of the bootcamp, students will be prepared to demonstrate their skills in a 24 hour fully hands-on certification exam. Successful completion of the exam provides students with the **Pwned Labs Amazon Cloud Red Team Professional (ACRTP)** certification. ### Content Creator My YouTube channel {% embed url="" %} Cyber ranges, labs, courses, and more I've created myself or with others
PlatformContent / LinkDescription
Pwned LabsCyber Range - ElectraElectra is a multi-AWS account red team cyber range that I helped create with the team at Pwned Labs. It features a realistic enterprise environment requiring users to perform exploits and attack paths against common AWS services to achieve all 9 flags.
Pwned LabsLab - Abusing Identity Providers in AWSGet hands-on in navigating and exploiting real-world cloud vulnerabilities. You'll begin with ReadOnly access to an AWS account, uncover a misconfigured GitLab Identity Provider Trust Policy, exploit it, and ultimately compromise the account.
Pwned LabsLab - Prowler and AWS Security HubGet hands-on with Prowler, an open-source cloud security tool, to scan an AWS environment for misconfigurations. You'll learn how to centralize findings in AWS Security Hub and set up automated remediation workflows using AWS EventBridge and Lambda functions.
Pwned LabsBlog - Abusing Identity Providers in AWSAbuse the GitLab OIDC Identity Provider to gain access to and compromise an AWS account.
Pwned LabsBlog - Building Security Guardrails with AWS Resource Control PoliciesLeverage AWS Resource Control Policies (RCPs) to protect your AWS resources from external threats.
Pwned LabsBlog - Defending Against the whoAMI Attack with AWS Declarative PoliciesLeverage AWS Declarative Policies to prevent the whoAMI attack and better control the use of AMIs in your AWS environment
CybrCourse - Terraform on AWS: From Zero to Cloud Infrastructure

This is a course I built and collaborated on with Christophe Limpalair from Cybr.com.

Together, we've crafted a comprehensive, hands-on learning experience. I developed the core technical content and lab scenarios, while Christophe enhanced the course with video lessons and contributed additional technical topics to provide a well-rounded learning experience.

CybrLab — Encrypt and Decrypt Data with KMS and Data KeysIn this lab, we'll get hands-on experience using a KMS Customer Managed Key (CMK) and symmetric encryption to encrypt and decrypt data. We'll learn how to perform these functions with the AWS CLI and the AWS Encryption SDK and how to manage data keys for data larger than 4096 bytes.
CybrLab — Replace SSH with SSM Session Manager and KMSSecurely connect to your EC2 instances with AWS Systems Manager Session Manager. Session Manager lets you manage your Amazon EC2 instances through an interactive one-click browser-based shell or through the AWS CLI. After the session is started, you can run bash commands as you would through any other connection type, effectively replacing the need to SSH into instances. For added security, we can enable KMS session encryption with a customer managed key.
CybrLab - Create Static AWS S3 Website with TerraformLearn how to create and configure a static S3 website using only Terraform. This lab does not grant access to the AWS console, encouraging both least privilege and using Infrastructure as Code (IaC) to manage cloud infrastructure instead of ClickOps.
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.techwithtyler.dev/welcome/whoami.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.