{"product_id":"offensive-gcp-operations-and-tactics-certification-by-white-knight-labs-chirag-savla-jay-pandya-dctlv2026","title":"Offensive GCP Operations and Tactics Certification by White Knight Labs - Chirag Savla \u0026 Jay Pandya - DCTLV2026","description":"\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eName of Training\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e Offensive GCP Operations and Tactics Certification by White Knight Labs \u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eTrainer(s)\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e Chirag Savla \u0026amp; Jay Pandya\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eDates\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eAugust 10-11, 2026\u003cbr\u003e\u003c\/span\u003e\u003cspan\u003e\u003cstrong\u003eTime:\u003c\/strong\u003e 8\u003c\/span\u003e\u003cspan\u003e:00 am to 5:00 pm \u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eVenue\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e:\u003c\/strong\u003e \u003cmeta charset=\"utf-8\"\u003eLas Vegas Convention Center\u003cbr\u003e\u003c\/span\u003e\u003cstrong\u003eCost\u003c\/strong\u003e\u003cspan\u003e\u003cstrong\u003e: \u003c\/strong\u003e$2,500 (USD)\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eShort Summary:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eMaster the art of attacking and defending Google Cloud Platform environments. The Offensive GCP Operations and Tactics Certification (OGOTC) course teaches real-world red-team tactics, privilege escalation, and misconfiguration exploitation in GCP through hands-on labs with lifetime access. Learn to think like an adversary and protect your cloud assets effectively.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eCourse Description: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003eOffensive GCP Operations \u0026amp; Tactics (OGOTC) is an advanced, hands-on training course designed to provide security professionals, penetration testers, and cloud engineers with a deep understanding of the security landscape within Google Cloud Platform (GCP). This course covers the full attack lifecycle, from initial access to post-exploitation, equipping participants with the skills to identify, exploit, and defend against real-world vulnerabilities in GCP environments.\u003c\/p\u003e\n\u003cp\u003eThe course begins with an overview of GCP architecture, focusing on key services like Compute Engine, Cloud Storage, BigQuery, and Cloud Run. Participants will learn how to perform both unauthenticated and authenticated enumeration using techniques such as API abuse, DNS reconnaissance, and Google Dorking. The course then explores initial access methods, including credential theft, phishing (Evilginx), and misconfigured IAM roles. Hands-on labs will demonstrate privilege escalation, lateral movement through service accounts, and data exfiltration using GCP services.\u003c\/p\u003e\n\u003cp\u003eParticipants will also explore command and control (C2) strategies using GCP services and discover how to abuse metadata servers for escalation. Advanced modules cover Kubernetes exploitation, including pod compromise and privilege abuse within clusters. The course concludes with defensive strategies, showing how to harden IAM policies, secure APIs, and prevent privilege escalation.\u003c\/p\u003e\n\u003cp\u003e\u003cspan\u003e\u003cstrong\u003eCourse Outline: \u003c\/strong\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003col\u003e\n\u003cli\u003eIntroduction to Offensive GCP - Overview of GCP architecture, IAM, and core services.\u003c\/li\u003e\n\u003cli\u003eEnumeration - Identifying public resources, mapping IAM roles, and API abuse.\u003c\/li\u003e\n\u003cli\u003eInitial Access - Gaining access via leaked credentials, phishing, and misconfigurations.\u003c\/li\u003e\n\u003cli\u003ePost-Exploitation - Data exfiltration, persistence, and C2 techniques.\u003c\/li\u003e\n\u003cli\u003eLateral Movement - Exploiting service account impersonation and privilege abuse.\u003c\/li\u003e\n\u003cli\u003eHacking Kubernetes - Compromising and escalating privileges within Kubernetes clusters.\u003c\/li\u003e\n\u003cli\u003ePrivilege Escalation and GCP Abuse - Escalating access through IAM misconfigurations and metadata server exploitation.\u003c\/li\u003e\n\u003cli\u003eConfiguration Assessment - Follow the CIS benchmark to configure the GCP environment.\u003c\/li\u003e\n\u003c\/ol\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eDifficulty Level:\u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cmeta charset=\"utf-8\"\u003eIntermediate to Advanced\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eIntermediate Definition - The student has education and some experience in the field and familiarity with the topic being presented. The student has foundational knowledge that the course will leverage to provide practical skills on the topic.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eAdvanced Definition - The student is expected to have significant practical experience with the tools and technologies that the training will focus on.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eSuggested Prerequisites:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eBasic Cloud Knowledge - Understanding of cloud technology and GCP fundamentals.\u003c\/li\u003e\n\u003cli\u003eFamiliarity with Scripting - Basic knowledge of GCloud CLI, Python.\u003c\/li\u003e\n\u003cli\u003eWillingness to Learn - A strong motivation to engage with self-directed materials and perform hands-on exercises.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat Students Should Bring: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003eParticipants should bring a laptop with wireless card to access event's Wi-Fi and equipped with a minimum of 8GB RAM.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cmeta charset=\"utf-8\"\u003ePre-work: GCP Account with Billing Account Attached and a Project.\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eWhat the Trainer Will Provide:\u003c\/strong\u003e\u003cspan style=\"font-family: -apple-system, BlinkMacSystemFont, 'San Francisco', 'Segoe UI', Roboto, 'Helvetica Neue', sans-serif; font-size: 0.875rem;\"\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli dir=\"ltr\"\u003eAll the course materials, code snippets, custom scripts, etc; will be provided to the students including the lab manual to solve the individual challenges.\u003cbr\u003e\n\u003c\/li\u003e\n\u003cli dir=\"ltr\"\u003eLife time access to the Student portal to deploy the lab and individual challenges for practice.\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003e\u003cstrong\u003eTrainer(s) Bio:\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eChirag Savla\u003c\/strong\u003e is a cyber security professional with 10+ years of experience. His areas of interest include penetration testing, red teaming, azure and active directory security, and post- exploitation research. For fun, he enjoys creating open-source tools and exploring new attack methodologies in his leisure. Chirag has worked extensively on Azure, Active Directory attacks and defense, and bypassing detection mechanisms. He is the author of multiple open-source tools such as Process Injection, Callidus, and others. He has presented at many conferences and local meetups and has trained people in international conferences like Blackhat, BSides Milano, Wild West Hackin’ Fest, HackSpaceCon, VulnCon etc.\u003c\/p\u003e\n\u003cp\u003e\u003cstrong\u003eJay Pandya\u003c\/strong\u003e has 6 years of experience in vulnerability research, expertise spans in Windows kernel exploitation, penetration testing, red teaming, rootkit development, and cloud security. I specialize in identifying zero-day vulnerabilities and researching n-day exploits. My work includes analysing Windows kernel drivers, reversing binaries, and automating security assessments. I am also focus on Google Cloud security, exploring misconfigurations, identifying privilege escalation, and data exposure risks. Additionally, I enjoy writing technical blogs to share insights from my research, focusing on novel attack methodologies, exploit development, and cloud security weaknesses.\u003cstrong\u003e\u003c\/strong\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cstrong\u003eRegistration Terms and Conditions: \u003c\/strong\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTrainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBetween July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll trainings are non-refundable after August 5, 2026.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eTraining tickets may be transferred to another student. Please email us at training@defcon.org for specifics.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eIf a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eFailure to attend the training without prior written notification will be considered a no-show. No refund will be given.\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eDEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eBy purchasing this ticket you agree to abide by the \u003c\/span\u003e\u003ca href=\"https:\/\/defcon.org\/html\/links\/dc-code-of-conduct.html\"\u003e\u003cspan\u003eDEF CON Training Code of Conduct\u003c\/span\u003e\u003c\/a\u003e\u003cspan\u003e and the registration terms and conditions listed above.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eSeveral breaks will be included throughout the day. Please note that food is not included.\u003c\/span\u003e\u003cspan\u003e\u003cb\u003e\u003c\/b\u003e\u003c\/span\u003e\u003c\/p\u003e\n\u003cp dir=\"ltr\"\u003e\u003cspan\u003eAll courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.\u003c\/span\u003e\u003c\/p\u003e","brand":"Las Vegas 2026","offers":[{"title":"Course only - Aug 10-11","offer_id":47691319869658,"sku":null,"price":2500.0,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0629\/2088\/4442\/files\/OGOTC-01.jpg?v=1774883900","url":"https:\/\/training.defcon.org\/products\/offensive-gcp-operations-and-tactics-certification-by-white-knight-labs-chirag-savla-jay-pandya-dctlv2026","provider":"defcontrainings","version":"1.0","type":"link"}