At the end of 2021, I took the PEN-300 course by Offensive Security. After the course, at the beginning of 2022, I took my first OSEP exam attempt, which I failed. Then, at the beginning of May, I took my second attempt (or even third) and successfully passed the Offensive...
Hijacking AWS API calls
Using the Route53 modification and ACM-PCA certificates
Some time ago I did some research on possible man-in-the-middle threats in AWS. This blog post describes the results of that research and shows an interesting way of escalating IAM privileges inside an AWS VPC.
Manage Pentest in Time
Effectiveness, productivity, motivation, avoid procrastination in pentesting
Recently, I have struggled a lot with my motivation to do pentesting at work or any security-related activity outside work. Even though I have been able to achieve good results in many of my pentests, I have not enjoyed it as I did before. Now, looking back in time, I think...
Security Implications of the Root Principal in AWS
How a simple mistake can ruin your security
Many organizations utilize AWS to host their cloud-native applications. Those applications use several AWS-native methods to control access to AWS resources, such as a resource policy (e.g. a key policy) or a VPC endpoint policy that restricts access to the VPC. Even though some policies are applied on certain resources, there...
CVE-2021-29995 CSRF to RCE on CloverDX 5.9.0
Make CSRF great again
A cross-site request forgery vulnerability exists in recent versions of CloverDX Server on all GUI-based (JSF) endpoints. An attacker can use that vulnerability to perform any action that is allowed through the GUI endpoints. One of the features of CloverDX Server is manual task execution –...