Secure WebDav Egress: AMZ EC2, Apache, and Let's Encrypt

This post describes how to set up an AWS EC2 WebDAV instance with valid Let's Encrypt certificates. This could be used in attacks where the adversary controls the UNC path and wants an alternative encrypted WebDAV solution.…

Phishing: Redressing Microsoft COM Objects

This post describes how to keep an embedded Office COM object from looking less than enticing and make it more phish-friendly, such as by presenting it as a clickable button.…

Kali Rolling and PowerShell Core

This post provides a resolution to an issue preventing Microsoft PowerShell Core from installing on Kali Rolling.…

Attacking Azure Developers: Easy Mode

This post provides various tactics for hunting Microsoft Azure credentials within a DevOps environment. Topics include environment variables, PowerShell AzureRM and the Secret Manager utility.…

Attacking AWS Developers: Stealing Creds from AWS Toolkit

This post reveals how an attacker can leverage a developer's workstation to compromise their AWS credentials and gain access to an EC2 instance.…