Rhino Security Labs

Strategic & Technical Blog

Technical Strategic Technical & Strategic Both
Cloud Security

CloudGoat goes Serverless:
A walkthrough of Vulnerable Lambda Functions

Mitch Fentz
April 26, 2022

CloudGoat is Rhino Security Labs’s AWS pentest training tool, deploying “vulnerable by design” AWS infrastructure to exploit it safely (and legally) in your own environment. This blog post will walk through the new vulnerable_lambda…

Read more
Cloud Security

Cloud Malware:
Resource Injection in CloudFormation Templates

Cloud Security

CloudGoat ECS_EFS_Attack Walkthrough

Technical Strategic Technical & Strategic Both
Categories
Clear Selection
API
Application Security
AWS
Azure
Buyer's Guide
Cloud Security
Compliance
Enterprise Security
GCP
Google Cloud
Internet of Things
Mobile Security
Network Security
News
Penetration Testing
Research
Social Engineering
Tool Development
Uncategorized
Cloud Security

GKE Kubelet TLS Bootstrap Privilege Escalation

Jack Ganbold

Kubernetes is becoming increasingly popular and the de facto standard for container orchestration. In recent Google Cloud Platform (GCP), Amazon Web Service (AWS), and Azure cloud pentests, we have seen many of our clients using Kubernetes…

Read more