Rhino Security Labs

Strategic & Technical Blog

AWS Privilege Escalation – Methods and Mitigation

Spencer Gietzen
June 19, 2018

At Rhino Security Labs, we do a lot of penetration testing for AWS architecture, and invest heavily in related AWS security research.  This post will cover our recent findings in new IAM Privilege Escalation methods – 17 in total –…

GDRP and Penetration Testing: What You Need to Know

SleuthQL: A SQL Injection Discovery Tool

Authenticated File Read Vulnerability in JasperReports
(CVE-2018-5430)

Hector Monsegur

In dealing with the day to day engagements, Rhino Security Labs’ consultants are introduced a variety of applications deployed in complex enterprise environments.  Our team is often tasked with auditing these production installations for various vulnerabilities. …