Hello everyone! Here we go again, this time we will be solving Path Traversal to AWS credentials to S3 challenge.

Hey readers! Hope you all are having an amazing day. IAM Privilege Esclatation is an interesting topic, I learned about this first time when I was doing a course and labs from Attack Defense. I als...

Hola Amigo! kaise ho theek ho? This time we will be solving Hunt for Secrets in Git Repos challenge. There have been many data breaches because of leaked credentials in Git repos. In this challen...

Here we go again! Today, we will be solving the Loot Public EBS Snapshots challenge. Once we start the lab, we are provided with AWS Credentials. So, let’s jump to our terminal, configure these c...

Hello everyone! Today we will be solving another challenge. In this challenge, we need to Identify the AWS Account ID from a Public S3 Bucket. This challenge’s name reminded of an old research th...

Hey everyone! It’s time for another AWS Security challenge write-up. This time, we will be solving the SSRF to Pwned challenge. When we begin the lab, we are provided by an IP address as an entry...

Hey everyone! It’s time for another AWS Security challenge write-up. From the title, we can deduce that this challenge is about S3 bucket versioning. When we begin the lab, we are provided by an ...

This is a collection of resources to learn and practice AWS Security - both offense and defense in no particular order. Tools awspx AWS Cloud Simulation Permissions.cloud ScoutSuite Pr...

Once we start the challenge, we can see the wesbite “http://dev.huge-logistics.com” as an entry point. So we will open it in our browser and go through the website, since most of the functionalit...

Hi there everyone, in this blog post I will write about how I approached and solved the OG flAWS challenge! Before starting the challenge, make sure you have AWS CLI installed and configured. L...