The New PKCE Authentication in AWS SSO Brings Hope (Mostly) In 2021, I wrote about how offensive actors can leverage AWS SSO device code for phis... 2024-11-29 07:59:27 | 阅读: 2 | 收藏 | Christophe Tafani-Dereeper - blog.christophetd.fr sso client phishing pkce

Stop worrying about ‘allowPrivilegeEscalation’ Kubernetes security contexts allow you to configure security options at the pod or container lev... 2024-6-14 18:24:58 | 阅读: 3 | 收藏 | Christophe Tafani-Dereeper - blog.christophetd.fr security privileges privs turning

IMDSv2 enforcement: coming to a region near you! On March 25, AWS released a new feature that helps enforcing IMDSv2 at the region level by defaul... 2024-3-28 07:29:59 | 阅读: 6 | 收藏 | Christophe Tafani-Dereeper - blog.christophetd.fr imdsv2 ec2 enforce security client

Hiding in Plain Sight: Unlinking Malicious DLLs from the PEB In this post, we take a look at an anti-forensics technique that malware can leverage to hide inj... 2023-4-21 17:59:34 | 阅读: 17 | 收藏 | Christophe Tafani-Dereeper - blog.christophetd.fr malicious loaded memory windows

A Tribute to Hadrien Milano Today’s post is unlike any I ever wrote: a tribute to a dear friend, who, a few months ago, bruta... 2022-8-5 05:22:30 | 阅读: 121 | 收藏 | blog.christophetd.fr hadrien met fish facebook

MITM at the Edge: Abusing Cloudflare Workers Cloudflare Workers provide a powerful serverless solution to run code that sits betwe... 2022-6-29 06:21:45 | 阅读: 59 | 收藏 | blog.christophetd.fr malicious attacker attackers

Introducing Stratus Red Team, an Adversary Emulation Tool for the Cloud read file error: read notes: is a directory... 2022-1-28 08:19:16 | 阅读: 42 | 收藏 | blog.christophetd.fr stratus cloudtrail trail cloud

Implementing a Vulnerable AWS DevOps Environment as a CloudGoat Scenario I’m a huge fan of disposable security labs, both for offensive and defen... 2022-1-12 01:34:6 | 阅读: 26 | 收藏 | blog.christophetd.fr cloudgoat ssm ssh ec2 foocorp

Cloud Security Breaches and Vulnerabilities: 2021 in Review As 2021 fades away, we look back on cloud data breaches and vulnerabilit... 2021-12-22 21:41:42 | 阅读: 57 | 收藏 | blog.christophetd.fr security cloud buckets ssrf

Phishing for AWS credentials via AWS SSO device code authentication When using AWS in an enterprise environment, best practices dictate to u... 2021-06-10 03:49:41 | 阅读: 159 | 收藏 | blog.christophetd.fr sso victim attacker oidc client

Retrieving AWS security credentials from the AWS console In this short blog post, we describe how to retrieve AWS security creden... 2021-06-06 02:11:20 | 阅读: 107 | 收藏 | blog.christophetd.fr security ec2 cloudshell imds 1338

Shifting Cloud Security Left — Scanning Infrastructure as Code for Security Issues In manufacturing, catching defects early in the assembly line ensures th... 2020-12-20 21:20:57 | 阅读: 162 | 收藏 | blog.christophetd.fr security analysis cloud checkov regula

Privilege Escalation in AWS Elastic Kubernetes Service (EKS) by compromising the instance role of worker nodes In this post, we discuss the risks of the AWS Instance Metadata service... 2020-09-01 05:23:42 | 阅读: 102 | 收藏 | blog.christophetd.fr ec2 ecr eks network kubernetes

Automating the provisioning of Active Directory labs in Azure Today, I’m releasing Adaz, a project aimed at automating the provisionin... 2020-06-09 02:45:13 | 阅读: 102 | 收藏 | blog.christophetd.fr windows azurerm workstation network

They told me I could be anything, so I became a Kubernetes node – Using K3s for command and control on compromised Linux hosts In their RSA 2020 talk Advanced Persistence Threats: The Future of Kuber... 2020-03-31 04:50:25 | 阅读: 91 | 收藏 | blog.christophetd.fr k3s kubernetes machine privileged pods

Hidden in PEB Sight: Hiding Windows API Imports With a Custom Loader In this post, we look at different techniques to hide Windows API imports... 2020-02-18 09:42:39 | 阅读: 98 | 收藏 | blog.christophetd.fr x8b openprocess shellcode windows xd0

Stealthier persistence using new services purposely vulnerable to path interception Unquoted Service Paths is a widely known technique to perform privilege e... 2019-08-31 07:29:07 | 阅读: 77 | 收藏 | blog.christophetd.fr mozilla unquoted updater windows machine

Building an Office macro to spoof parent processes and command line arguments Most modern EDR solutions use behavioral detection, allowing to detect ma... 2019-03-12 07:43:37 | 阅读: 74 | 收藏 | blog.christophetd.fr powershell spoofing windows spawned malicious

[Write-up] Insomni’hack 2018 CTF teaser Like every year, the Swiss security event Insomni’hack releases a “CTF te... 2018-01-23 02:08:37 | 阅读: 105 | 收藏 | blog.christophetd.fr php smarty pwned 1hax4b teaser

CloudFlair: Bypassing Cloudflare using Internet-wide scan data Cloudflare is a service that acts as a middleman between a website and its end users, protecting it... 2018-01-18 23:00:19 | 阅读: 94 | 收藏 | blog.christophetd.fr censys attacker tld mytarget mycompany