all InfoSec news
Hack AWS S3 — Catch AWS Account!
Sept. 17, 2022, 9:50 p.m. | Sena Yakut
DEV Community dev.to
In this blog, I'll show you a nightmare scenario that could happen if you're storing your secrets in a publicly accessible AWS S3 bucket. Let's hack together!
1) Let’s assume that we’ve found an information security website. We started to investigate the DNS records related to this domain with MXToolBox.
2) We found this website is hosted with S3. Let’s try to list the AWS S3 objects with our AWS credentials.
3) Yes! This bucket is public, and we …
More from dev.to / DEV Community
API 101 using POSTMAN
17 hours ago |
dev.to
HackTheBox - Writeup Builder [Retired]
19 hours ago |
dev.to
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Officer Hospital Laguna Beach
@ Allied Universal | Laguna Beach, CA, United States
Sr. Cloud DevSecOps Engineer
@ Oracle | NOIDA, UTTAR PRADESH, India
Cloud Operations Security Engineer
@ Elekta | Crawley - Cornerstone
Cybersecurity – Senior Information System Security Manager (ISSM)
@ Boeing | USA - Seal Beach, CA
Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas
@ Goldman Sachs | Dallas, Texas, United States