Cyber Anom | CloudGoat : codebuild_secrets walkthrough (via SSM parameters) | “codebuild_secrets” is configured where your goal is to find secret strings hidden within a RDS instance. We start off by listing SSM… | Jul 17, 2023
Cyber Anom | CloudGoat : vulnerable_cognito write-up | This environment is set up where we’ll exploit Amazon Cognito. Amazon Cognito is an AWS service used for user authentication and access… | Jul 4, 2023
Cyber Anom | CloudGoat : rce-web_app write-up (“McDuck” pathway) | This walk-through covers the pathway for the “McDuck” user on “rce_web_app”. You begin with permissions that only allow access to S3… | Jun 10, 2023
Cyber Anom | CloudGoat : rce-web_app write-up (“Lara” pathway) | This environment is configured where your goal is to access a database and the data within. The pathway shown starts off with the “Lara”… | Jun 4, 2023
Cyber Anom | CloudGoat : ecs_takeover walk-through | “ecs_takeover” is configured where you start off with an external website only. An RCE (remote code execution) vulnerability is used to… | May 28, 2023
Cyber Anom | CloudGoat : ec2_ssrf write-up | This scenario is set up where your starting role limits you to read-only permissions. Secrets lead the trail to an EC2 instance open to… | May 20, 2023
Cyber Anom | CloudGoat : iam_privesc_by_attachment walk-through | This write-up covers the situation where a lack of permissions only grants a user the ability to spin up EC2 instances with higher-level… | Apr 5, 2023
Cyber Anom | CloudGoat : cloud_breach_s3 walk-through | This write-up goes through the scenario where a reverse-proxy server is exploited to use found keys to exfiltrate sensitive information… | Mar 30, 2023
Cyber Anom | CloudGoat : lambda_privesc walk-through | This walk-through covers the CloudGoat 2 scenario where you pass “admin” permissions through an assumed role to a user, granting full… | Feb 22, 2023
Cyber Anom | CloudGoat : iam_privesc_by_rollback walk-through | This write-up walks you through the scenario, “iam_privesc_by_rollback”, from Rhino Security Labs’ CloudGoat (link below). | Feb 8, 2023