Rhino Security Labs

Strategic & Technical Blog

Bypassing Little Snitch Firewall
with Empty TCP Packets

Ryan Gerstenkorn

Little Snitch is a popular host-based firewall for macOS, used for monitoring and restricting egress network traffic.
When an application on a system running Little Snitch makes a new, previously unseen connection, Little Snitch will…

AWS IAM Privilege Escalation – Methods and Mitigation

AWS IAM Enumeration 2.0: Bypassing CloudTrail Logging

CloudGoat: The ‘Vulnerable-by-Design’ AWS Environment

Spencer Gietzen

Correctly executing penetration tests against AWS environments is a difficult, complicated task that requires knowledge and practice in a variety of different areas. It requires both AWS knowledge and red-team-like knowledge to perform a…