For years and years, network pen-testers have owned companies and networks with playbooks written in the 90's. With a good mix of footprinting, scripting and unexpected interdependence, even moderately skilled attackers have been able to reign supreme without ever needing a 0day. How does this change as organizations slip more and more into the cloud? What do rootkits look like & what does lateral movement mean when its between different SaaS products? While we have seen point attacks on cloud vendors there hasn't been enough attention paid to the interdependence of these systems and we have seen precious little on pivoting through or defending these setups. This talk attempts to update those playbooks from the 90's for both red and blue teamers.