Pillaging Data from Private AWS Subnets
Exploiting overly permissive VPC endpoints to exfiltrate data from private AWS subnets
Exploiting overly permissive VPC endpoints to exfiltrate data from private AWS subnets
Simple method to define and build security testing containers in Podman
Labs to learn penetration testing and offensive security
Penetration test reports, aggregating findings and thinking more deeply.
AWS and overly permissive GitHub OIDC cross-account role trust policies
Blog post about Kubernetes Security Fundementals
Blog post about Cloud Configuration Reviews
How to own an internal domain and pivot into the cloud
Continuous AWS Testing with Snotra, Lambda, Cloud Watch EventBridge and S3.
Fixing issues in common tools with Python ldap3 when connecting to Domain Controllers with LDAP signing and binding enabled.