The following topics are covered

Introduction to AWS Lambda

Lambda functions

Lambda applications

Lambda layers

Lambda alias routing

Custom runtimes

Enumerating Lambda functions and layers.

Application Vulnerabilities

Command injection

Insecure Deserialization

Server-side request forgery (SSRF)

XML external entity (XXE)

Abusing AWS Lambda permissions

Lambda Alias Routing

AWS Lambda Execution Environment

Lambda Runtime API

Lambda Authorizers

Leverage Lambda functions for performing attacks

Abusing temporary file systems of Lambda Environment

Maintaining access on an AWS account (Lambda backdoor)

Retrieving application secrets, keys, and credentials

Manipulating function execution flows

Injecting Malicious runtime and taking control of Lambda environment.

Exfilterating Lambda event data