Attacking Azure Developers: Easy Mode
This post provides various tactics for hunting Microsoft Azure credentials within a DevOps environment. Topics include environment variables, PowerShell AzureRM and the Secret Manager utility.…
Attacking AWS Developers: Stealing Creds from AWS Toolkit
This post reveals how an attacker can leverage a developer's workstation to compromise their AWS credentials and gain access to an ec2 instance.…
Post-Ex: Stealing AWS Credentials
The first of two AWS credential posts, we discuss how to find and use AWS credentials during post-exploitation.…
Code Survival: Debug a Compiled DLL
An introduction to using VS2017, DotPeek and ILSpy in order to debug and step-through a compiled DLL.…