Session
Deep Dive into Clouded Waters - An overview in Digital Ocean's Pentest and Security
Digital Ocean has been around for some time and has given its users a cheap but quite reliable Cloud Platform.
That doesn't mean it's fully secured, or that admins can set it up securely, especially considering that most Infrastructure Based Attacks come from misconfigurations.
In this talk, we'll look at how to attack Digital Ocean's Services, how to abuse them as attack vectors and how to defend against them.
We'll start with Reconnaissance, looking at what services can be found online and where to look for them.
Then, we'll look at how to get access to the Infrastructure, including but not limited to Phishing, Droplet Attacks, App Attacks, Function Attacks, etc.
We'll look at what privileges we can get from different Initial Access methods and what can be enumerated/abused to get Admin rights.
Privilege Escalation and Lateral Movement come next.
Second to last is Persistence. We'll look at how to persist, using what Digital Ocean provides.
And lastly, Exfiltration. We'll get data out and try to do it stealthily.
By the end of it, if you do not get lost, you'll have a better idea of how to "Make Digital Ocean Great Again".