A deep dive into AWS SSM Run Command shows that there are multiple documents attackers can use for executing code remotely on EC2 instances. In

Security Research and Services
A deep dive into AWS SSM Run Command shows that there are multiple documents attackers can use for executing code remotely on EC2 instances. In
A tool for getting reverse shells in EC2 instances where network communication to your host is restricted. In my last article, AWS ssm:SendCommand or network
Both presentations we held this year at DefCamp are now available online (recordings and slides). DefCamp is one of the largest and most important cybersecurity
Post-exploitation in cloud can be fun and easy if you have the right permissions. There is no other permission that I would rather have than
We hackers love cheat sheets so here are mine for AWS IAM, EC2, S3 Buckets and Lambda Functions. In Part I we showed what approaches
This article is covering multiple ways to enumerate the resources within an AWS environment. We’ll explain how to perform enumeration, what you should look for,