Rhino Security Labs

Strategic Blog

Technical Strategic Technical & Strategic Both
AWS

Unauthenticated AWS Role Enumeration (IAM Revisited)

Spencer Gietzen
January 28, 2019

When attacking an AWS cloud environment, its important to use leverage unauthenticated enumeration whenever possible. This kind of IAM recon can help you gain a better understanding of the environment itself, the users and applications that…

Read more
AWS

AWS IAM Privilege Escalation – Methods and Mitigation

AWS

Cloud Breach: Compromising AWS IAM Credentials

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
Application Security
AWS
Azure
Buyers Guide
Cloud Security
Compliance
Enterprise Security
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
AWS

Pacu: The Open Source AWS Exploitation Framework

Spencer Gietzen

With the continued proliferation of Amazon Web Services (AWS), companies are continuing to move their technical assets to the cloud. With this paradigm shift comes new security challenges for both Sysadmin and DevOps teams.  These aren&#…

Read more