Security Shenanigans – Medium

Home

Following

Library

Reading history

Stories

Stats

Security Shenanigans

Pinned

Published in
InfoSec Write-ups

Enumeration and lateral movement in GCP environments

This write up is about a pentest we did in which we managed to compromise a hybrid GCP hosted infrastructure using native GCP tools for…

Jun 1, 2022

Enumeration and lateral movement in GCP environments

Jun 1, 2022

Published in
InfoSec Write-ups

Architecture of a ransomware (2/2)

In part 1(https://securityshenaningans.medium.com/architecture-of-a-ransomware-1-2-1b9fee757fcb) we explained key concepts necessary to…

Nov 26, 2020

Architecture of a ransomware (2/2)

Nov 26, 2020

Published in
InfoSec Write-ups

Architecture of a ransomware (1/2)

Last couple of months we’ve seen a rise in ransomware related incidents, mostly due to the increase of remote work COVID-19. Nevertheless…

Nov 24, 2020

Architecture of a ransomware (1/2)

Nov 24, 2020

Published in
InfoSec Write-ups

Recipe for a successful phishing campaign (part 2/2)

Recap: In part 1 we saw general considerations you should keep in mind in order to start setting up your infrastructure…

Oct 15, 2020

Recipe for a successful phishing campaign (part 2/2)

Oct 15, 2020

Published in
InfoSec Write-ups

Recipe for a successful phishing campaign (part 1/2)

Introduction

Oct 13, 2020

Recipe for a successful phishing campaign (part 1/2)

Oct 13, 2020

Published in
InfoSec Write-ups

Exploiting AWS IAM permissions for total cloud compromise: a real world example (part 2/2)

Introduction

Oct 1, 2020

Exploiting AWS IAM permissions for total cloud compromise: a real world example (part 2/2)

Oct 1, 2020

Published in
InfoSec Write-ups

Exploiting fine-grained AWS IAM permissions for total cloud compromise: a real world example (part…

Introduction

Sep 29, 2020

Exploiting fine-grained AWS IAM permissions for total cloud compromise: a real world example (part…

Sep 29, 2020

Published in
InfoSec Write-ups

AWS IAM explained for Red and Blue teams

Introduction

Sep 24, 2020

AWS IAM explained for Red and Blue teams

Sep 24, 2020

Published in
InfoSec Write-ups

Combining Hadoop and MCollective for total network compromise

This is the story of how only two insecure configurations allowed us to take down an entire cloud hosted company. It was a gray box…

Sep 22, 2020

Combining Hadoop and MCollective for total network compromise

Sep 22, 2020

Published in
InfoSec Write-ups

How a badly configured DB allowed us to own an entire cloud of over 25K hosts (part 2/2)

On part 1 we briefly explained how we got administrator privileges to almost all BMC devices hosting a native Openstack cloud. In this…

Sep 3, 2020

How a badly configured DB allowed us to own an entire cloud of over 25K hosts (part 2/2)

Sep 3, 2020

Published in
InfoSec Write-ups

How a badly configured DB allowed us to own an entire cloud of over 25K hosts (part 1/2)

Introduction

Sep 1, 2020

How a badly configured DB allowed us to own an entire cloud of over 25K hosts (part 1/2)

Sep 1, 2020

Published in
InfoSec Write-ups

Building a SIEM: combining ELK, Wazuh HIDS and Elastalert for optimal performance

When putting together a SIEM, one of the first things that you need to decide on is the distributed architecture you’re going to choose…

Aug 25, 2020

Building a SIEM: combining ELK, Wazuh HIDS and Elastalert for optimal performance

Aug 25, 2020

Published in
InfoSec Write-ups

Why you should always scan UDP (part 2/2)

We finished part 1 having gained unprivileged access to a host in a new network. Afterwards, we wanted to gain privileges to continue…

Aug 20, 2020

Why you should always scan UDP (part 2/2)

Aug 20, 2020

Published in
InfoSec Write-ups

Why you should always scan UDP ports (part 1/2)

IntroductIn this story we’ll see how we exploited snmp vulnerabilities, bypassed firewall rules and AppArmor to compromise the network.

Aug 18, 2020

Why you should always scan UDP ports (part 1/2)

Aug 18, 2020

Published in
InfoSec Write-ups

Chaining multiple vulnerabilities to exfiltrate over 250GB of PIA

This is a write-up of an internal pentest we did a couple of years ago, that involved several small vulnerabilities but allowed us to…

Aug 10, 2020

Chaining multiple vulnerabilities to exfiltrate over 250GB of PIA

Aug 10, 2020

Published in
InfoSec Write-ups

Building a SIEM: centralized logging of all Linux commands with ELK + auditd

Recently, working with the SOC department, we had to enable command logging for more than 10k instances. We also needed to implement a way…

Aug 6, 2020

Building a SIEM: centralized logging of all Linux commands with ELK + auditd

Aug 6, 2020

Published in
InfoSec Write-ups

The danger of world writable NFS shares

Disclaimer: to prevent information leaks for this company, most of the evidence/screenshots here were recreated from the real ones as…

Aug 4, 2020

The danger of world writable NFS shares

Aug 4, 2020

Security Shenanigans

Security Shenanigans

I’m a security engineer who enjoys writing about experiences in the infosec field.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Rules
Terms
Text to speech