Ofir Brukner
@ofirbrukner
Followers
44
Following
37
Media
0
Statuses
5
Curious about anything cloud security | Co-Founder & VP Product @ 馃拵
Joined May 2017
Doing a cloud pen test and you only have low privilege AWS creds? @bishopfox describes how you can escalate privileges by examining CloudTrail assumeRole events to learn other AWS accounts you can pivot to. #pentesting #cloudsecurity
https://t.co/eG95ADyTSH
bishopfox.com
Look at a realistic cloud penetration test situation and see how to utilize the AWS CloudTrail service to discover AWS accounts that you could pivot to.
1
48
151
讘-2017 注讘讚转讬 讘转讜专 诪谞讛诇 讛诪讜谞讟讬讝讬爪讛 砖诇 讗驻诇讬拽爪讬讛 讚讬 诪爪诇讬讞讛 砖注讜砖讛 讻诪注讟 讗转 讻诇 讛讻住祝 砖诇讛 诪驻专住讜诪讜转. 讛讗讚诐 讘转驻拽讬讚 讻讝讛 讛讜讗 讛诪讟专讛 砖诇 讞讘专讜转 讛讗讚-讟拽. 讗讞转 诪讛谉, 讞讘专讛 讗讜拽专讗讬谞讬转, 讛讝诪讬谞讛 讗讜转讬 诇谞讗讜诐 讘讻谞住 讛砖谞转讬 砖诇讛诐 (讘砖诐 讛诪拽讜专讬 Mobile Beach) 讘讗讜讚住讛. 讟讬住讛 讜诪诇讜谉 注诇 讞砖讘讜谞诐. 注讚 讻讗谉 讛讻讜诇 住讘讬专 1/4
拽讬讘诇转诐 驻注诐 讛爪注讛 诪讙讜谞讛 讘住讬讟讜讗爪讬讛 注住拽讬转?
3
1
32
In 2016, @dagrz gave one of the greatest cloud security talks ever, filled with new techniques that have been rediscovered repeatedly in the years since. I've remastered it from video obtained from an audience member and the slide deck.
13
71
315
Just stumbled upon this repo [ https://t.co/RVvBgQ6NL8] for creating some basic in-house cloud detection rules. Great stuff!
github.com
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic - sbasu7241/AWS-Threat-Simulation-and-Detection
0
0
3
Just finished reading through the AWS Customer Security Incidents list [ https://t.co/VUegFDwndR] by @ramimacisabird. Really amazing work! This information is so hard to come by!
0
0
5