Rhino Security Labs

Strategic & Technical Blog

CloudGoat ECS_EFS_Attack Walkthrough

Sebastian Mora

Cloudgoat is a tool that can build vulnerable Capture-the-Flag style AWS environments to help security assessors learn about AWS security and AWS vulnerabilities. This walkthrough will cover the CloudGoat attack simulation “ecs_efs_attack…

Java Deserialization Exploitation With
Customized Ysoserial Payloads

GKE Kubelet TLS Bootstrap Privilege Escalation

Fuzzing Left4Dead 2 with CERT’s
Basic Fuzzing Framework

Hunter Stanton

If you saw my previous blog post on the buffer overflow I found in Left4Dead 2, you know that I found that vulnerability through fuzzing. 
Modern game engines usually have a very large attack surface within which vulnerabilities could…