Overview
AWS Security
The deputy is confused about AWS Security Hub
If you are the kind of crazy that we are at Plerion, and you’ve decided to build a product that integrates with AWS Security Hub, this blog post is for the 93 of you.
Getting into AWS cloud security research as a n00bcake
AWS security research can feel impenetrable so here is a guide to get you started.
Disrupting AWS logging
You’re eager to get to the data theft? What about that whole cyber kill chain thing; installation, command & control, actions on objectives? What if someone is watching?
Exploring an AWS account after pwning it
Your instinct is probably to type “whoami” and luckily AWS has an equivalent – aws sts get-caller-identity. It won’t give you much but it will start painting the picture.
Backdooring an AWS account
Maintaining persistence in AWS is only limited by your imagination but there are few obvious and oft used techniques everyone should know and watch for.
Hacking Github AWS integrations again
Github supports roles instead of credentials of integrating CI/CD with AWS. It’s easy to misconfigure so let’s show the impact.