on security, rift, cloud, aws, stacktitan, egress, webdav, letsencrypt, apache, opsec, pentest, adversary

Secure WebDav Egress: AMZ EC2, Apache, and Let's Encrypt

This post will describe the process to setup an AWS EC2 webdav instance with valid Let's Encrypt certificates. This could be used in attacks where the adversary controls the UNC path and wants an alternative encrypted webdav solution.…

on aws, amazon, post-ex, security, cloud

Attacking AWS Developers: Stealing Creds from AWS Toolkit

This post reveals how an attacker can leverage a developer's workstation to compromise their AWS credentials and gain access to an ec2 instance.…

on aws, amazon, post-ex, security, cloud

Post-Ex: Stealing AWS Credentials

The first of two AWS credential posts, we discuss how to find and use AWS credentials during post-exploitation.…