Both presentations we held this year at DefCamp are now available online (recordings and slides). DefCamp is one of the largest and most important cybersecurity
AWS ssm:SendCommand or network agnostic built-in RCE as root
Post-exploitation in cloud can be fun and easy if you have the right permissions. There is no other permission that I would rather have than
AWS Enumeration – Part II (Practical enumeration)
We hackers love cheat sheets so here are mine for AWS IAM, EC2, S3 Buckets and Lambda Functions. In Part I we showed what approaches
AWS Enumeration – Part I (Where to start, Approaches and Tools)
This article is covering multiple ways to enumerate the resources within an AWS environment. We’ll explain how to perform enumeration, what you should look for,
Practical Network Penetration Tester (PNPT): Real-life Penetration Testing exam – Tips & Tricks to pass the exam
The PNPT certification exam is a one-of-a-kind ethical hacking certification exam that assesses the ability to perform an external and internal network penetration test at a professional level.
Mobile Pentesting 101 – Bypassing Biometric Authentication
Android and iOS Fingerprint bypassing techniques. The article presents multiple biometric bypass methods, including Frida and objection.