Rhino Security Labs

Strategic & Technical Blog

Weaponizing AWS ECS Task Definitions
to Steal Credentials From Running Containers

Nick Spagnola
May 19, 2020

Using containers to host applications in cloud environments is an increasingly popular deployment model in AWS. Due to this trend, researchers at Rhino Security Labs explored how these containers can be abused to steal information or…

CloudGoat AWS Scenario Walkthrough: “EC2_SSRF”

Pillaging AWS ECS Task Definitions for Hardcoded Secrets

Abusing VPC Traffic Mirroring in AWS

Spencer Gietzen

There are many reasons that a person might want to monitor the network traffic in a cloud environment–for both offensive and defensive purposes. Passive network inspection can be difficult in the cloud and would previously require…