Archives
All the articles I've archived.
Access secrets via s3 bucket versioning
Published: at 03:22 PMIn this lab, we will be solving an lab with an attack vector through a s3 bucket versioning feature and through that we can able to exfil the secrets and elevating further more
Leverage leaked credentials for pwnage
Published: at 03:22 PMExploiting weakness in Amazon RDS and elevating further to get the flag
Loot Public EBS Snapshots
Published: at 03:22 PMIn this lab, we will be solving an lab on understanding what ebs snapshots are and there misconfigurations....
Plunder Public RDS Snapshots
Published: at 03:22 PMExploiting weakness in Amazon RDS and elevating further to get the flag
AWS Penetration Testing 101
Published: at 03:22 PMUnderstanding the shared responsibility model first and then how the cloud pentest works?
Identify the AWS Account ID from a Public S3 Bucket
Published: at 03:22 PMGetting to know about how we can able to fecth a AWS account ID from a publicly available s3 bucket
My Journey to Becoming a Burp Suite Certified Practitioner
Published: at 03:22 PMReview of BSCP in a way possible to document
Understanding Client Certificate Authentication and the TLS Handshake
Published: at 11:22 AMA detailed dive into client certificate authentication, its role in the TLS handshake, and how it adds an extra layer of security in sensitive communications.
Reveal Hidden risks using Securityhub
Published: at 11:22 AMWalkthrough of exploring AWS securityhub and a simulation activity to identify an issue that lead to some interesting findings
Uncover Secrets in CodeCommit and Docker
Published: at 10:22 AMIn this lab, we will see how the leaked credentials through dockerhub can be leveraged atmost and more further
Understanding IAM Basics
Updated: at 04:12 PMPut in my notes as a blog for IAM in minimalist way
IAM Users vs IAM roles - Understanding the differences
Updated: at 04:12 PMUnderstanding the differences between the IAM roles and IAM uders
Hacking Porn and Dating Sites - A Theme-Based Bug Bounty Approach
Published: at 03:22 PMAn Individual research on bugbounty programs that I took an unique approach on choosing porn industry based programs which paid me pretty much..
Random Notes about prototype pollution
Published: at 03:22 PMNotes that I took while preparing for BSCP exam on prototype pollution lab
Breach in the Cloud - Cloudtrial challenge
Published: at 03:22 PMThis is a challenge from pwnedlabs where I've been provided with the cloudtrial logs and from there I've to do log analysis and trying to reproduce the attack from the attacker perspective
SSRF to Pwned
Published: at 03:22 PMLab from pwnedlabs where we have provided with a webserver and we are gonna look into how we can leverage it to SSRF
Getting to know about Cloudtrial
Published: at 11:22 AMGetting to know about cloudtrial in a such a way to understad easily
DNS 101
Published: at 11:22 AMSome DNS notes which I had in my archive
Big IAM Challenge - Wiz CTF Challenge
Published: at 03:22 PMIAM Challenge from Wiz where we will be given an IAM rules and need to identify misconfiguration and exploit it to get a flag
A story of Default wordlist in Dirsearch to 20k INR Bounty
Published: at 03:22 PMMy First Bug in my bugbounty journey where I took an approach of guy who solves the CTF... Unfortunately it worked and I found some sensitive files which lead to a bounty
Hacking My Way Through Protostar - A Noob's Guide to Buffer Overflows
Published: at 03:22 PMWalkthrough of Protostar from exploit exercises