Pawel Rzepa

691 Followers

Published in

InfoSec Write-ups

·Dec 1, 2022

pentesting.cloud part 2: “Is there an echo in here?” AWS CTF walkthrough

In this blog post I’m going to show you a technique for uncovering CloudFormation values protected by the NoEcho property. In other words, you’re going to learn how to display secrets from already deployed CloudFormation stacks, hidden behind ****. This is the walkthrough of the “Is there an echo in…

AWS

6 min read


Published in

InfoSec Write-ups

·Nov 3, 2022

pentesting.cloud part 1: “Open To The Public” CTF walkthrough

Recently I had a very good time playing the pentesting.cloud CTF, and in this blog post I want to start a new walkthrough series covering what are IMHO the most interesting challenges. I’ll start with the hard challenge named “Open To The Public”. Let’s get started! This challenge doesn’t require any setup and at the…

AWS

6 min read


Published in

Towards AWS

·Oct 24, 2022

AWS security assessment: what scanners are missing and how threat modeling may help you?

There are many tools available today that are designed to automate security checks. For example, here’s a good list of open-source AWS security tools, not even mentioning commercial ones. But IMHO some people rely too much on tools, as if conducting an AWS security assessment is the same as formatting…

AWS

6 min read


Published in

Inside the Tech by SoftServe

·Aug 26, 2021

AWS privilege escalation: exploring odd features of the Trust Policy

IAM roles are commonly used, for example, to grant access to an AWS service, account, or federated identity. Each role has a document associated with it, which is called a Trust Policy. This document specifies who can assume the role and under what conditions it’s allowed or denied. The Trust Policy…

AWS

4 min read


Published in

Towards AWS

·Jul 7, 2021

How to defend against DNS exfiltration in AWS?

TL;DR
- VPCs by default use the Amazon-provided DNS which can be used to bypass some network-level protection mechanisms (e.g. NACLs or SGs) or monitoring (e.g. VPC Flow Logs).
- Recently a new service has been released: the Route 53 Resolver DNS Firewall which allows for blocking and monitoring DNS queries to…

AWS

6 min read


Apr 19, 2021

AWS and HackerOne CTF write-up

Recently, @d0nutptr built an AWS-based CTF on the HackerOne platform. The CTF was time-limited (available just for a week⏳), so I guess not all interested people had a chance to play with it. Furthermore, it’s still quite rare to see a CTF mixing AWS and web security skills. …

AWS

7 min read


Jan 3, 2021

How can you benefit by sharing your knowledge?

The end of the year is often a good time to summarize your current achievements and future goals. My review of 2020 inspired me to do something unusual — to create a non-technical blog post about sharing knowledge. No matter how naive it sounds, a decision to start sharing my…

Self Improvement

4 min read


Published in

The Startup

·Nov 19, 2020

AWS Access Keys Leak in GitHub Repository and Some Improvements in Amazon Reaction

Leaking AWS access keys via a public code repository is a well-known security problem. It is so common that popular version control systems offer, for free, a dedicated service which looks for hardcoded secrets. Specifically, I refer here to the GitHub secret scanning service. Without a doubt, it’s awesome that such a service…

AWS

5 min read


Published in

SecuRing

·Mar 5, 2020

Serverless (in)security

TL;DR Most of the vulnerabilities existing in traditional applications can also appear in serverless applications. The most common ones are described in the OWASP Serverless Top 10. There are also threats which are specific to serverless, like event injection or overwriting the code stored in an S3 bucket. It’s quite common that Lambda’s execution…

Serverless

6 min read


Nov 5, 2019

Passing the AWS Certified Security-Speciality exam

Recently I passed the “AWS Certified Security — Speciality” exam, so I think that’s the best proof that my preparation process was good enough. In this post I want to share my path to passing the “AWS Certified Security — Speciality” exam, including sharing all my notes which I made…

AWS

4 min read

Interested in pentesting and cloud security | OSCP | eMAPT | AWS SAA | AWS CSS
