Great article by @StafordTitus for demonstrating cloud attack scenarios.

Learned about:
1- CloudGoat by @RhinoSecurity - Vulnerable AWS Lab for practicing cloud pentesting scenarios.
2- Privilege Escalation through IAM policy misconfiguration
3- S3 Bucket Enumeration

#infosec
I have been putting off learning about the cloud for a while now. The main reason is that there are plenty of products and tools to learn that make it daunting and complex for newcomers. This year's goal is to look into it in depth and understand the fundamentals.
#aws
Planning to start the journey with Cloud Security Bootcamp by @SecurityTube @vivekramac and play with the CloudGoat Labs afterwards.

#pentesting

More from @NairuzAbulhul

31 Dec 20
Interesting read on a persistence technique using VMs during lateral movements.

Shadowbunny - Leveraging Virtual Machines to Persist and Evade Detections by @wunderwuzzi23

#infosec #Pentesting
Interesting points from the article on why VMs can be used as a persistence technique during a pentesting or red team engagement:
- Lack of monitoring and security controls inside the VM
- They can be set up automatically in case the host reboots
- Obfuscation - VMs can use disk encryption to make forensic investigations difficult
- Backdoor - Many virtualization products come with features to establish native host connections that might stay undetected (such as Shared Folders for persistent access to files on the host)
17 Dec 19
OWASP Mitigation : P1
Authentication and session management :
- Make usernames, passwords and authentication data case sensitive and unique for each user
#infosec #websecurity #owasp
Password auditing:
- Use complex password policy: upper and lower cases with special characters
- Long phrases are better to use instead of a regular complex password because they are unique and easy to remember
- Forbid the use of common passwords, e.g. password123
- Use Multifactor authentication [MFA]
- Use strong hashing algorithm such as SHA-2, bcrypt
- Limit session expiration time
- Use generic error messages for incorrect login attempts to avoid revealing information an attacker can use during their enumeration process
13 Dec 19
SQL injection mitigations: Method #1
"Prepared Statements" means including placeholders instead of variables in SQL queries; the placeholders are later replaced by the user's input.
The SQL statement is prepared first with the placeholder, and then the actual data is sent to the database and takes the placeholder's place inside the SQL statement.
Example of a prepared statement:

String email = "user@email.com";

String sql = "SELECT * FROM users WHERE email = ?";
9 Dec 19
In a second-order SQL injection, an application takes user input from an HTTP request and stores it for future retrieval. It is a two-part injection.
#HTB #infosec #websecurity
An example of this would be a vulnerable application that has a "sign up" page and a "login" page. The sign up page would be used to send POST requests to store data in the db in the form of a SQL query, and the login page would be used to send different POST requests to retrieve the data.
@LissanonCedric Actually, no, both requests are POST requests. That was a typo, I fixed it. Thanks for bringing it up 👍
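The prepared-statement and second-order injection threads above, combined in one added example (not code from the original threads): a Python `sqlite3` sketch in which sign-up stores the input with placeholders and a later login query either concatenates or binds the stored value. The table names, function names and sample username are assumptions made for the illustration.

```python
import sqlite3

# Constructed sample input: harmless while stored, but it changes the
# query if it is later concatenated into SQL. Passwords are plaintext
# here only to keep the demo short.
CRAFTED_USERNAME = "nobody' OR '1'='1"

def make_db():
    """In-memory database with one constructed account and note."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.execute("CREATE TABLE notes (owner TEXT, body TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", "alice-pw"))
    db.execute("INSERT INTO notes VALUES (?, ?)", ("alice", "alice private note"))
    return db

def sign_up(db, username, password):
    # Request 1: placeholders store the input verbatim; nothing executes here.
    db.execute("INSERT INTO users VALUES (?, ?)", (username, password))

def authenticate(db, username, password):
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None  # value read back from the database

def login_vulnerable(db, username, password):
    # Request 2: the stored value is trusted and concatenated into a new query.
    stored = authenticate(db, username, password)
    if stored is None:
        return None
    sql = "SELECT body FROM notes WHERE owner = '" + stored + "'"
    return [r[0] for r in db.execute(sql)]

def login_safe(db, username, password):
    # Hardened: data that came from the database is bound as a parameter too.
    stored = authenticate(db, username, password)
    if stored is None:
        return None
    rows = db.execute("SELECT body FROM notes WHERE owner = ?", (stored,))
    return [r[0] for r in rows]

def demo(login):
    db = make_db()
    sign_up(db, CRAFTED_USERNAME, "pw")
    return login(db, CRAFTED_USERNAME, "pw")
```

Calling `demo(login_vulnerable)` returns the other account's note, while `demo(login_safe)` returns an empty list because the stored value is only ever treated as data.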
4 Dec 19
Same Origin Policy is a web security concept that allows browsers to prevent loading scripts from different sources or reading cookies and session data remotely. It helps to prevent basic XSS and CSRF attacks #websecurity #infosec
An origin consists of a URI scheme + host name + port number
Ex: example.com:8080
*If no port is given, it will be given the default port of the scheme. HTTP is 80 and HTTPS is 443
This policy allows browsers to load and read data from the scope of the same origin only
Ex: company.com as an origin can load scripts and read data only from pages that have the same origin as http://company.com or company.com/dir/
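The origin rule described above, written out as an added example (not part of the original thread): a Python comparison of origins as (scheme, host, port) tuples with the default-port rule applied, next to a string-prefix check that gets several cases wrong. The function names and sample URLs are constructed for the illustration.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}  # defaults named in the thread

def origin(url):
    """Return the (scheme, host, port) tuple that identifies a URL's origin."""
    parts = urlsplit(url)
    scheme = parts.scheme  # urlsplit lowercases the scheme
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"not an http(s) URL with a host: {url!r}")
    port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname, port)  # .hostname is lowercased, userinfo dropped

def same_origin(a, b):
    """True only when scheme, host and port all match; the path is ignored."""
    return origin(a) == origin(b)

def naive_same_origin(a, b):
    """String-prefix check, shown only to contrast with the tuple comparison."""
    return b.startswith(a)

BASE = "http://company.com"
# Constructed sample URLs, each differing from BASE in one respect.
CASES = [
    "http://company.com/dir/page.html",   # path only
    "http://company.com:80/",             # explicit default port
    "HTTP://Company.COM/",                # letter case
    "https://company.com/",               # scheme
    "http://company.com:8080/",           # port
    "http://app.company.com/",            # host
    "http://company.com.other.example/",  # host that merely starts with BASE
    "http://company.com@other.example/",  # BASE text sits in the userinfo part
]

def compare_all():
    return {u: (same_origin(BASE, u), naive_same_origin(BASE, u)) for u in CASES}

if __name__ == "__main__":
    for url, (strict, naive) in compare_all().items():
        print(f"{url:38} same_origin={strict!s:5} prefix_check={naive}")
```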