Background Recently I was in a purple team engagement where our goal was to measure the mean time-to-detection for different types of attacks in the AWS cloud environment. Starting from an assumed-...

Background Once an adversary has access to their target’s AWS account, one of their preference would be to maintain long term access. The first thing they might try to do is to escalate their priv...

Background This blog post is part of the AWS privilege escalation series. If you have not already, I would suggest checking out the previous post: Privilege Escalation in AWS - Part 01 In this po...

Intenal is a hard difficulty penetration testing challenge created by TheMayor. Enumeration Lets start our nmap scan and see what ports are open and what services are running on these ports. nmap ...

Assalam-o-Alaikum & Hello Folks! I hope you are doing well. Today I am here with the detailed writeup of a ctf organized by Hackerone which started in 2nd week of December 2020. It was a 12 da...

Assalam-o-Alaikum folks! I hope you guys are safe and sound in this pandemic. BsidesIslamabad-2020 was the first ever Bsides cyber security conference of Pakistan, conducted on November 7th-8th 20...