Explore tools and techniques for conducting penetration tests against AWS-hosted systems and applications in this 55-minute conference talk from LASCON 2018. Dive into pentesting methodology, covering phases such as reconnaissance and exploitation. Learn about DNS recon tools, AWS buckets, and various recon techniques. Discover exploits for billing apps, metadata servers, GraphQL, Kubernetes, and Lambda. Gain insights on Metasploit fingerprinting and walk away with valuable lessons and key takeaways for enhancing cloud security auditing skills.