Rhino Security Labs

Technical Blog

CloudGoat: The ‘Vulnerable-by-Design’ AWS Environment

Spencer Gietzen
July 31, 2018

Correctly executing penetration tests against AWS environments is a difficult, complicated task that requires knowledge and practice in a variety of different areas. It requires both AWS knowledge and red-team-like knowledge to perform a…

AWS Privilege Escalation – Methods and Mitigation

SleuthQL: A SQL Injection Discovery Tool

Authenticated File Read Vulnerability in JasperReports
(CVE-2018-5430)

Hector Monsegur

In dealing with the day to day engagements, Rhino Security Labs’ consultants are introduced a variety of applications deployed in complex enterprise environments.  Our team is often tasked with auditing these production installations for various vulnerabilities. …