AWS | MrHacker

Fashion marketplace giant 21 Buttons exposes millions of users’ data

An alarming aspect of the entire incident is that vpnMentor contacted both 21 Buttons and Amazon but no one responded nor cared...

2.4K

Data Security

Pray.com exposed data of millions after database mess up

Pray.com applied poor security potentially exposing nearly 10 million users to frauds and cyberattacks, claim VpnMentor’s researchers. VpnMentor research team led by...

1.2K

Security Tools

Leonidas – Automated Attack Simulation In The Cloud

Leonidas is a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics,...

3.7K

Data Security

Hotel reservation platform leaked user data from top online booking sites

The list of online booking sites affected by the breach includes some of the top industry giants including Booking.com. A Barcelona,...

5.0K

Vulnerability Analysis

Taken – Takeover AWS Ips And Have A Working POC For Subdomain Takeover

Takeover AWS ips and have a working POC for Subdomain Takeover. Idea is simple Get subdomains. Do reverse lookups to only...

1.4K

Security Tools

Autovpn – Create On Demand Disposable OpenVPN Endpoints On AWS

Script that allows the easy creation of OpenVPN endpoints in any AWS region. To create a VPN endpoint is done with...

3.7K

System Administration

SpaceSiren – A Honey Token Manager And Alert System For AWS

SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage...

1.9K

Cyber Crime

Ex-employee hacked Cisco’s AWS Infrastructure; erased virtual machines

Sudhish Kasaba Ramesh, an Indian citizen on an H1-B visa has pleaded guilty to “Damaging Cisco’s Network.” Employee malcontent can lead to...

3.7K

Security Tools

AWS Recon – AWS Inventory Collection Tool With A Focus On Security

A multi-threaded AWS inventory collection tool. The creators of this tool have a recurring need to be able to efficiently collect...

4.4K

Information Gathering

DAGOBAH – Generate Internal Threat Intelligence & Compliance Data

Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check...

2.8K

Security Tools

Bastillion – Web-Based SSH Console That Manages Access

Bastillion is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution...

1.6K

Reporting Tools

AWS Report – A Tool For Analyzing Amazon Resources.

AWS Report is a tool for analyzing amazon resources. Install using PIP pip install awsreport Features Search IAM users based on...

1.8K

Data Security

350 million email addresses exposed on misconfigured AWS S3 bucket

It is still unclear who owned the misconfigured Amazon S3 bucket. Running out of introductions for reporting on something that happens...

1.8K

Security Tools

SkyArk – Discover, Assess And Secure Privileged Entities In Azure & AWS

SkyArk is a cloud security project with two main scanning modules: AzureStealth – Scans Azure environments AWStealth – Scan AWS environments...

4.1K

Data Security

Sensitive data of cyber security firm & other businesses leaked online

In addition to the cyber security firm, the 343GB worth of leaked data belongs to universities, an insurance firm, non-profit, and public...

97

System Administration

Cloudsplaining – AWS IAM Security Tool That Identifies Violations

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Example...

86

Data Security

5 dating apps caught leaking millions of user-sensitive data

All 5 apps were exposing user data due to database misconfiguration. The IT researchers at WizCase recently discovered data leaks and privacy...

2.9K

System Administration

How to Make Your Own VPN using OpenVPN

OpenVPN is open-source commercial software that implements virtual private network techniques to create secure point-to-point or site-to-site connections in routed or...