PinnedHarsh VaragiyaHunting for Secrets: Scanning Public Docker Images on AWS ECRInsights from our research where we managed to scan every single public AWS ECR docker image and find access keys, tokens, secrets…Jul 162Jul 162
Harsh VaragiyaHomeLab V2 —Migrating to OnPremIn this revision of the HomeLab, I discuss the shortcomings of the previous architecture and how I solved the issues in V2.Nov 13, 20232Nov 13, 20232
Harsh VaragiyaSSL Search — A tool to identify infrastructure and discover attack surfaces.This tool allows the user to scan x509 certificates on cloud service providers or given IPv4 CIDRs in order to hunt for a specific target.Nov 13, 20231Nov 13, 20231
Harsh VaragiyainInfoSec Write-upsEvading Attribution & Moving Laterally on AWSlet’s see how an attacker might try to mislead the SOC while attempting to escalate his privileges with leaked AWS credentialsApr 3, 2023Apr 3, 2023
Harsh VaragiyaExperimenting with the cloud — How i built my HomeLabReason for building the HomeLab / CloudLabOct 3, 2021Oct 3, 2021