Mary BeckenThe Wrong Role Just Woke Up- Role Assumption for EvilOne of the most common ways to perform illicit privilege escalation in AWS is using weak or stolen credentials. The credentials can be…2d ago2d ago
Mary BeckenWhere Danger Lives- Scanning Untrusted Uploads to S3Prior to the introduction of GuardDuty Malware Scanning for S3, detecting malicious objects in S3 uploads was something AWS customers…Aug 25Aug 25
Mary BeckenThe Portal Has Opened, bwahahaIn two of the last articles I wrote, https://medium.com/@mgbecken/all-these-defenders-i-cant-keep-them-straight-she-sobbed-932257bc88f5 and…Mar 25Mar 25
Mary Becken“All these Defenders, I can’t keep them straight!” she sobbed.I haven’t been playing too much in the Azure realm lately, and to pay me back for my neglect, all the versions of Microsoft Defender seem…Jan 19Jan 19
Mary BeckenEasy-Bake: from Postman Collection to OpenAPICreate an OpenAPI specification in a Hasbro minuteDec 24, 2023Dec 24, 2023
Mary BeckenRunning Wild with GraphRunnerDo you want to use GraphRunner like the cool kids at Black Hills Infosec https://www.blackhillsinfosec.com? But don’t have an Azure lab to…Nov 5, 2023Nov 5, 2023
Mary BeckenWhy can’t you just be regular? Serverless resource exhaustion using RegexServerless functions, like many applications, can be vulnerable to resource exhaustion attacks. One category of these is reDoS or Regular…Jul 3, 2023Jul 3, 2023
Mary BeckenFast and furious Kubernetes cluster creation with TerraformUsing Azure Cloud Shell, Terraform, and AKS to create a clusterApr 10, 2023Apr 10, 2023