AWS Security

The deputy is confused about AWS Security Hub

If you are the kind of crazy that we are at Plerion, and you’ve decided to build a product that integrates with AWS Security Hub, this blog post is for the 93 of you.

Getting into AWS cloud security research as a n00bcake

AWS security research can feel impenetrable so here is a guide to get you started.

Disrupting AWS logging

You’re eager to get to the data theft? What about that whole cyber kill chain thing; installation, command & control, actions on objectives? What if someone is watching?

Exploring an AWS account after pwning it

Your instinct is probably to type “whoami” and luckily AWS has an equivalent – aws sts get-caller-identity. It won’t give you much but it will start painting the picture.

Backdooring an AWS account

Maintaining persistence in AWS is only limited by your imagination but there are few obvious and oft used techniques everyone should know and watch for.

Hacking Github AWS integrations again

Github supports roles instead of credentials of integrating CI/CD with AWS. It’s easy to misconfigure so let’s show the impact.