all InfoSec news
Hack AWS S3 — Catch AWS Account!
Sept. 17, 2022, 9:50 p.m. | Sena Yakut
DEV Community dev.to
In this blog, I'll show you a nightmare scenario that could happen if you're storing your secrets in a publicly accessible AWS S3 bucket. Let's hack together!
1) Let’s assume that we’ve found an information security website. We started to investigate the DNS records related to this domain with MXToolBox.
2) We found this website is hosted with S3. Let’s try to list the AWS S3 objects with our AWS credentials.
3) Yes! This bucket is public, and we …
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC