all InfoSec news
AWS/S3 Subdomain Takeover
Jan. 25, 2024, 9:29 a.m. | Scott Lindh
InfoSec Write-ups - Medium infosecwriteups.com
Write up about how I successfully took over the subdomain of an AWS/S3 bucket.
A Subdomain takeover is a cybersecurity vulnerability where attackers exploit abandoned or misconfigured subdomains, gaining unauthorized control. This can lead to malicious activities such as phishing, malware distribution, and defacement.This 404 suggests something interesting and that is that “No such Bucket” exists…..These are the steps I took to successfully take over this subdomain and link it to my own AWS bucket
- Enumerate subdomains using a …
attackers aws bug bounty bug-bounty-tips can control cybersecurity defacement distribution exploit hacking hacking tools malicious malware malware distribution misconfigured pentesting phishing s3 bucket subdomain subdomains subdomain takeover takeover unauthorized vulnerability
More from infosecwriteups.com / InfoSec Write-ups - Medium
Subdomain takeover via AWS s3 bucket
4 days, 2 hours ago |
infosecwriteups.com
Understanding the CrowdStrike 2024 Global Threat Report
4 days, 2 hours ago |
infosecwriteups.com
Prevent Cross-Site Scripting Attacks in Node.js
4 days, 2 hours ago |
infosecwriteups.com
HTB: Bizness walkthrough
4 days, 2 hours ago |
infosecwriteups.com
CozyHosting HTB Easy | Walkthrough
4 days, 2 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC