Hunting for Open S3 Buckets and Sensitive Data
Mitre ATT&CK Technique ID Data from Cloud Storage Object T1530 Buckets? S3, first introduced in 2006, is one of Amazon Web Services' most popular services. This simple and fast cloud [...]
Mitre ATT&CK Technique ID Data from Cloud Storage Object T1530 Buckets? S3, first introduced in 2006, is one of Amazon Web Services' most popular services. This simple and fast cloud [...]
Mitre ATT&CK Technique ID Account Discovery: Domain Account T1087.002 Active Directory is a platform that has received plenty of attention from adversaries and operators over the years. It has a [...]
Password Breach Data Mitre ATT&CK Technique ID Brute Force: Credential Stuffing T1110.004 Every year countless data breaches occur. From 700 Million LinkedIn users' information getting leaked sometime between 2020 and 2021 [...]
Password Spraying Mitre ATT&CK Technique ID Brute Force: Password Spraying T1110.003 Password spraying is the process of brute-force guessing passwords against a list of accounts, either externally or internally. Adversaries use [...]
Kerberoasting Mitre ATT&CK Technique ID Steal or Forge Kerberos Tickets: Kerberoasting T1558.003 What is it? Kerberoasting is the attack that keeps on giving for adversaries and penesters alike. First documented in [...]
Pass the Hash Mitre ATT&CK Technique ID Use Alternate Authentication Material: Pass the Hash T1550.002 What is it? Passing the hash is a technique that adversaries commonly use within an internal [...]
Mitre ATT&CK Technique ID Unsecured Credentials: Cloud Instance Metadata API T1552.005 The AWS Metadata service facilitates information access for applications running on a given EC2 instance. This is provided to [...]
ScoutSuite Introduction ScoutSuite is a multi-cloud security auditing tool written by the wonderful folks over at NCC group. We use it heavily here at Renegade Labs, so I wanted to [...]
In modern web applications, almost all functionality offered to users is handled by an Application Programming Interface or API for short. To help visualize how this works, think of a [...]
This is the second blog post covering NISTIR 8259 and securing IoT devices. If you missed it, be sure to check out part 1 where we cover the “pre-market” phase [...]