Tech Blog

IAM Vulnerable - Assessing the AWS Assessment Tools
IAM Vulnerable - An AWS IAM Privilege Escalation Playground
You're Doing IoT RNG
LEXSS: Bypassing Lexical Parsing Security Controls
An Exploration of JSON Interoperability Vulnerabilities
Bad Pods: Kubernetes Pod Privilege Escalation
Lessons Learned on Brute-forcing RMI-IIOP With RMIScout
Design Considerations for Secure GraphQL APIs
Design Considerations for Secure Cloud Deployment
h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)