AWS Privilege Escalation using add user to group.

Posted on Tue 29 October 2019 in cloud-security • Tagged with aws pentest, aws privilege escalation, awscli privilege, aws security

The blogpost covers privelege escalation for an aws token recieved using add user to group privilege.

Continue reading

Integrating Baseline Security Needs into your Company.

Posted on Sat 12 October 2019 in devsecops • Tagged with devsecops, security in ci/cd, development pipeline security, baseline security for companies, cloud security

Highlights the needs of baseline security in a startup with a single security engineer hired and areas where importance is deserved.

Continue reading

Blog Setup using Gitlab Pages and Pelican

Posted on Mon 03 September 2018 in Development • Tagged with Gitlab pages, development, gitlab pages custom domain

Walkthrough of my current blog architecture.

Continue reading

JS Security Notes

Posted on Sat 12 May 2018 in js-security, notes

Refersher of JS Security - I learned overwhile. Contains basic information on how browser works along with javascript and implementation of security within the browser with respect to JS.

Continue reading

Vulnerable Application wrapper for AWS Lambda

Posted on Thu 21 December 2017 in Pentesting • Tagged with AWS, AWS Lambda Vulnerable Application, Pentesting AWS Lambda, AWS Lambda

AWS lambda is a serverless platform for deploying your applications.It makes use of the use and throw functionality, where it creates a sandbox and then destroys it once it is done.

Continue reading