unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
The New PKCE Authentication in AWS SSO Brings Hope (Mostly)
In 2021, I wrote about how offensive actors can leverage AWS SSO device code for phis...
2024-11-29 07:59:27 | 阅读: 2 |
收藏
|
Christophe Tafani-Dereeper - blog.christophetd.fr
sso
client
phishing
pkce
Stop worrying about ‘allowPrivilegeEscalation’
Kubernetes security contexts allow you to configure security options at the pod or container lev...
2024-6-14 18:24:58 | 阅读: 3 |
收藏
|
Christophe Tafani-Dereeper - blog.christophetd.fr
security
privileges
privs
turning
IMDSv2 enforcement: coming to a region near you!
On March 25, AWS released a new feature that helps enforcing IMDSv2 at the region level by defaul...
2024-3-28 07:29:59 | 阅读: 6 |
收藏
|
Christophe Tafani-Dereeper - blog.christophetd.fr
imdsv2
ec2
enforce
security
client
Hiding in Plain Sight: Unlinking Malicious DLLs from the PEB
In this post, we take a look at an anti-forensics technique that malware can leverage to hide inj...
2023-4-21 17:59:34 | 阅读: 17 |
收藏
|
Christophe Tafani-Dereeper - blog.christophetd.fr
malicious
loaded
memory
windows
A Tribute to Hadrien Milano
Today’s post is unlike any I ever wrote: a tribute to a dear friend, who, a few months ago, bruta...
2022-8-5 05:22:30 | 阅读: 121 |
收藏
|
blog.christophetd.fr
hadrien
met
fish
facebook
MITM at the Edge: Abusing Cloudflare Workers
Cloudflare Workers provide a powerful serverless solution to run code that sits betwe...
2022-6-29 06:21:45 | 阅读: 59 |
收藏
|
blog.christophetd.fr
malicious
attacker
attackers
Introducing Stratus Red Team, an Adversary Emulation Tool for the Cloud
read file error: read notes: is a directory...
2022-1-28 08:19:16 | 阅读: 42 |
收藏
|
blog.christophetd.fr
stratus
cloudtrail
trail
cloud
Implementing a Vulnerable AWS DevOps Environment as a CloudGoat Scenario
I’m a huge fan of disposable security labs, both for offensive and defen...
2022-1-12 01:34:6 | 阅读: 26 |
收藏
|
blog.christophetd.fr
cloudgoat
ssm
ssh
ec2
foocorp
Cloud Security Breaches and Vulnerabilities: 2021 in Review
As 2021 fades away, we look back on cloud data breaches and vulnerabilit...
2021-12-22 21:41:42 | 阅读: 57 |
收藏
|
blog.christophetd.fr
security
cloud
buckets
ssrf
Phishing for AWS credentials via AWS SSO device code authentication
When using AWS in an enterprise environment, best practices dictate to u...
2021-06-10 03:49:41 | 阅读: 159 |
收藏
|
blog.christophetd.fr
sso
victim
attacker
oidc
client
Retrieving AWS security credentials from the AWS console
In this short blog post, we describe how to retrieve AWS security creden...
2021-06-06 02:11:20 | 阅读: 107 |
收藏
|
blog.christophetd.fr
security
ec2
cloudshell
imds
1338
Shifting Cloud Security Left — Scanning Infrastructure as Code for Security Issues
In manufacturing, catching defects early in the assembly line ensures th...
2020-12-20 21:20:57 | 阅读: 162 |
收藏
|
blog.christophetd.fr
security
analysis
cloud
checkov
regula
Privilege Escalation in AWS Elastic Kubernetes Service (EKS) by compromising the instance role of worker nodes
In this post, we discuss the risks of the AWS Instance Metadata service...
2020-09-01 05:23:42 | 阅读: 102 |
收藏
|
blog.christophetd.fr
ec2
ecr
eks
network
kubernetes
Automating the provisioning of Active Directory labs in Azure
Today, I’m releasing Adaz, a project aimed at automating the provisionin...
2020-06-09 02:45:13 | 阅读: 102 |
收藏
|
blog.christophetd.fr
windows
azurerm
workstation
network
They told me I could be anything, so I became a Kubernetes node – Using K3s for command and control on compromised Linux hosts
In their RSA 2020 talk Advanced Persistence Threats: The Future of Kuber...
2020-03-31 04:50:25 | 阅读: 91 |
收藏
|
blog.christophetd.fr
k3s
kubernetes
machine
privileged
pods
Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader
In this post, we look at different techniques to hide Windows API imports...
2020-02-18 09:42:39 | 阅读: 98 |
收藏
|
blog.christophetd.fr
x8b
openprocess
shellcode
windows
xd0
Stealthier persistence using new services purposely vulnerable to path interception
Unquoted Service Paths is a widely known technique to perform privilege e...
2019-08-31 07:29:07 | 阅读: 77 |
收藏
|
blog.christophetd.fr
mozilla
unquoted
updater
windows
machine
Building an Office macro to spoof parent processes and command line arguments
Most modern EDR solutions use behavioral detection, allowing to detect ma...
2019-03-12 07:43:37 | 阅读: 74 |
收藏
|
blog.christophetd.fr
powershell
spoofing
windows
spawned
malicious
[Write-up] Insomni’hack 2018 CTF teaser
Like every year, the Swiss security event Insomni’hack releases a “CTF te...
2018-01-23 02:08:37 | 阅读: 105 |
收藏
|
blog.christophetd.fr
php
smarty
pwned
1hax4b
teaser
CloudFlair: Bypassing Cloudflare using Internet-wide scan data
Cloudflare is a service that acts as a middleman between a website and its end users, protecting it...
2018-01-18 23:00:19 | 阅读: 94 |
收藏
|
blog.christophetd.fr
censys
attacker
tld
mytarget
mycompany
Previous
-3
-2
-1
0
1
2
3
4
Next