Rhino Security Labs

Technical Blog

Attacking AWS Cognito with Pacu (p1)

David Kutz-Marks

In Part 1 of this post, we discuss common problems in AWS Cognito security, as seen in client environments, which would benefit from automated scanning and exploitation. In Part 2, we walk through our solution: two new modules for Pacu, our…

Attacking AWS Cognito with Pacu (p2)

IAMActionHunter: Query AWS IAM permission policies with ease

CVE-2022-25165:
Privilege Escalation to SYSTEM in AWS VPN Client

David Yesland

The AWS VPN Client application is affected by an arbitrary file write as SYSTEM, which can lead to privilege escalation and an information disclosure vulnerability that allows the user’s Net-NTLMv2 hash to be leaked via a UNC path in a…