National Cyber Warfare Foundation (NCWF) Forums


Capturing Exposed AWS Keys During Dynamic Web Application Tests
0 user ratings		2024-07-18 23:40:48
milo
Blue Team (CND)

Overview We have recently identified several vulnerable HTTP requests that allow attackers to capture access keys and session tokens for a web application’s AWS infrastructure. Attackers could use these keys and tokens to access back-end IOT endpoints and CloudWatch instances to execute commands. This blog was developed to raise awareness on common design flaws in […]


The post Capturing Exposed AWS Keys During Dynamic Web Application Tests appeared first on Praetorian.


The post Capturing Exposed AWS Keys During Dynamic Web Application Tests appeared first on Security Boulevard.



Thomas Tan

Source: Security Boulevard
Source Link: https://securityboulevard.com/2024/07/capturing-exposed-aws-keys-during-dynamic-web-application-tests/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Blue Team (CND)


Copyright 2012 through 2024 - National Cyber Warfare Foundation - All rights reserved worldwide.