Rhino Security Labs

Strategic & Technical Blog

Technical Strategic Technical & Strategic Both
Cloud Security

Google Cloud Platform (GCP)
Bucket Enumeration and Privilege Escalation

Spencer Gietzen
February 26, 2019

For those unfamiliar, GCP is a cloud platform that offers a variety of cloud-computing solutions for businesses of any size to take advantage of. Most people would put it up in the “big 3” cloud providers that are available,…

Read more
Cloud Security

Unauthenticated AWS Role Enumeration (IAM Revisited)

Cloud Security

AWS IAM Privilege Escalation – Methods and Mitigation

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
API
Application Security
AWS
Azure
Buyer's Guide
Cloud Security
Compliance
Enterprise Security
GCP
Internet of Things
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Cloud Security

Cloud Breach: Compromising AWS IAM Credentials

Spencer Gietzen

With Pacu and our AWS Pentesting simulating attacks on cloud architecture, we often get questions about how keys get lost (or even statements that such an event is unlikely). To address these concerns we’ve written a blog post to walk…

Read more