SarapremashishAmazon Inspector: Assessing Security of EC2 instancesAmazon Inspector is an automated security assessment service to help in identifying the vulnerabilities on your EC2 instances. It allows a…May 17, 2020May 17, 2020
SarapremashishIllustration: Exposed AWS Access KeysI created a demo IAM user admin this user has complete access across all the resources. For the purpose of this demo attacker enumerate…May 4, 2020May 4, 2020
SarapremashishSubdomain Takeovers: A Diffrent kind.There are a plenty of write ups on subdomain takeover. But, I thought let’s cover the basics of it. To get to this case where I was able…May 3, 2020May 3, 2020
SarapremashishHow to Deal with Exposed AWS Access KeysWe all know AWS Access Key ID and AWS Secret Access Key are literally the keys to access any AWS account. And keeping them safe and secure…Apr 29, 2020Apr 29, 2020
SarapremashishosTicket 1.10.1 Unauthenticated Stored XSS allows an attacker to gain admin privilegesCVE Reference: CVE-2019-13397Jul 9, 2019Jul 9, 2019