Rhino Security Labs

Strategic & Technical Blog

CloudGoat: The ‘Vulnerable-by-Design’ AWS Environment

Spencer Gietzen
July 31, 2018

Correctly executing penetration tests against AWS environments is a difficult, complicated task that requires knowledge and practice in a variety of different areas. It requires both AWS knowledge and red-team-like knowledge to perform a…

AWS Privilege Escalation – Methods and Mitigation

GDRP and Penetration Testing: What You Need to Know

SleuthQL: A SQL Injection Discovery Tool

Benjamin Caudill

Burpsuite is the de facto standard of web application auditing tools, simplifying the discovery and exploitation of application vulnerabilities. Burp’s “Active Scanner” identifies a range of application flaws – from missing…