Rhino Security Labs

Strategic & Technical Blog

CloudGoat ECS_EFS_Attack Walkthrough

Sebastian Mora

Cloudgoat is a tool that can build vulnerable Capture-the-Flag style AWS environments to help security assessors learn about AWS security and AWS vulnerabilities. This walkthrough will cover the CloudGoat attack simulation “ecs_efs_attack…

GKE Kubelet TLS Bootstrap Privilege Escalation

Weaponizing AWS ECS Task Definitions
to Steal Credentials From Running Containers

CloudGoat AWS Scenario Walkthrough: “EC2_SSRF”

Sebastian Mora

CloudGoat is a tool that can help cloud training by providing vulnerable CTF-style AWS environments to help anyone learn about AWS security. This walkthrough will cover the CloudGoat attack simulation “ec2_ssrf”.
This challenge was…