Rhino Security Labs

Strategic & Technical Blog

Cloud Malware:
Resource Injection in CloudFormation Templates

Ryan Gerstenkorn
August 4, 2021

As a process, CloudFormation deployments are modular, with the template upload being a distinct step from the deployment itself. Templates can be made through the web console or through 3rd party tools, but as CloudFormation is an AWS-…

Downloading and Exploring AWS EBS Snapshots

CloudGoat ECS_EFS_Attack Walkthrough

GKE Kubelet TLS Bootstrap Privilege Escalation

Jack Ganbold

Kubernetes is becoming increasingly popular and the de facto standard for container orchestration. In recent Google Cloud Platform (GCP), Amazon Web Service (AWS), and Azure cloud pentests, we have seen many of our clients using Kubernetes…