| | Attacking AWS Cognito with Pacu (rhinosecuritylabs.com) |
| 1 point by mooreds on July 29, 2024 | past |
|
| | Command Injection Vulnerability in Progress Flowmon (rhinosecuritylabs.com) |
| 1 point by skilled on April 26, 2024 | past |
|
| | Attacking AWS Cognito with Pacu (rhinosecuritylabs.com) |
| 1 point by mooreds on Oct 19, 2023 | past | 1 comment |
|
| | AWS Vulnerabilities and the Attacker’s Perspective (rhinosecuritylabs.com) |
| 2 points by therockspush on Oct 6, 2021 | past |
|
| | AWS Privilege Escalation Vulnerabilities (rhinosecuritylabs.com) |
| 2 points by mooreds on May 21, 2020 | past |
|
| | AWS IAM Privilege Escalation – Methods and Mitigation (rhinosecuritylabs.com) |
| 1 point by todsacerdoti on May 7, 2020 | past |
|
| | AWS Privilege Escalation Vulnerabilities (rhinosecuritylabs.com) |
| 1 point by mooreds on April 29, 2020 | past |
|
| | Abusing VPC Traffic Mirroring in AWS (rhinosecuritylabs.com) |
| 1 point by kylequest on Sept 18, 2019 | past |
|
| | Bypassing IP Based Blocking with AWS API Gateway (rhinosecuritylabs.com) |
| 1 point by Bender on Aug 13, 2019 | past |
|
| | The Capital One Breach and “Cloud_breach_s3” CloudGoat Scenario (rhinosecuritylabs.com) |
| 2 points by based2 on Aug 7, 2019 | past | 2 comments |
|
| | Exploring the Power of Phished Persistent Cookies in AWS (rhinosecuritylabs.com) |
| 1 point by akrulino on July 16, 2019 | past |
|
| | Exploiting CVE-2018-1335: command injection in Apache Tika (rhinosecuritylabs.com) |
| 1 point by based2 on March 13, 2019 | past |
|
| | Exploiting AWS 'AssumeRole' API for IAM Enumeration (rhinosecuritylabs.com) |
| 1 point by vuln on Jan 28, 2019 | past |
|
| | Using AWS Account IDs for IAM User Enumeration (rhinosecuritylabs.com) |
| 1 point by cory_zajicek on Sept 4, 2018 | past |
|
| | Assume the Worst: Enumerating AWS Roles Through ‘AssumeRole’ (rhinosecuritylabs.com) |
| 33 points by cory_zajicek on Aug 29, 2018 | past | 6 comments |
|
| | Pacu: The Open Source AWS Exploitation Framework (rhinosecuritylabs.com) |
| 2 points by adamnemecek on Aug 21, 2018 | past |
|
| | Introducing Pacu: The Open Source AWS Exploitation Framework (rhinosecuritylabs.com) |
| 2 points by cory_zajicek on Aug 21, 2018 | past |
|
| | CloudGoat: The ‘Vulnerable-By-Design’ AWS Environment (rhinosecuritylabs.com) |
| 2 points by sciurus on Aug 6, 2018 | past |
|
| | CloudGoat: The ‘Vulnerable-By-Design’ AWS Environment (rhinosecuritylabs.com) |
| 5 points by indigodaddy on Aug 1, 2018 | past |
|
| | SleuthQL: SQL Injection Discovery Tool (rhinosecuritylabs.com) |
| 2 points by indescions_2018 on May 22, 2018 | past |
|
| | Authenticated File Read Vulnerability in JasperReports (CVE-2018-5430) (rhinosecuritylabs.com) |
| 2 points by based2 on May 9, 2018 | past |
|
| | Abusing Microsoft Word Features for Phishing: “subDoc” (rhinosecuritylabs.com) |
| 3 points by el_duderino on Jan 5, 2018 | past |
|
| | Introducing CFire: Evading CloudFlare Security Protections (rhinosecuritylabs.com) |
| 2 points by campuscodi on Sept 6, 2017 | past |
|
| | ONELOGIN BREACH: CLOUD SECURITY AND PROTECTING AWS KEYS (rhinosecuritylabs.com) |
| 1 point by willow9886 on June 6, 2017 | past |
|
| | Penetration Testing Amazon Web Services (AWS) (rhinosecuritylabs.com) |
| 4 points by microphp on May 17, 2017 | past |
|
| | Unitrends Bug Hunting: Remote Code Execution (CVE-2017-7280) – Chapter 1 (rhinosecuritylabs.com) |
| 2 points by cslakin on April 11, 2017 | past |
|
