Goodycybgoodycyb.hashnode.dev·Sep 29, 2024Threat detection🕵️‍♂️ With Flaws.cloud CloudTrail Logs using ELK StackThis project demonstrates the deployment of the ELK Stack on an AWS EC2 instance and the ingestion of Flaws.cloud CloudTrail logs into the ELK Stack for threat detection. 💡 Side Note: When you click on the link in each step, you will be redirected...Threat Detection 💡🕵️‍♂️🕸️elk
Akanksha Girisecureshells.hashnode.dev·Aug 28, 2024flAWS Walkthrough Level 4 - Level 6LEVEL 4 First, I tried to directly access the URL of EC2 instance but it needed credentials. So from the description it looks like we don’t have access to EC2 but we’ve permission to take backups or snapshots of EC2 and then we can load it in our o...#flaws.cloud
Akanksha Girisecureshells.hashnode.dev·Aug 28, 2024flAWS Walkthrough Level1 - Level3LEVEL 1 In Level 1 of the flAWS challenge, we explore AWS S3 buckets and their security implications. The key goal in this level is to uncover the first sub-domain by understanding how S3 bucket permissions work and how they can be misconfigured. Le...flAWS
Goodycybgoodycyb.hashnode.dev·Aug 11, 2023Level-3: Metadata Services at 169.254.170.2For Level 3, the container’s webserver can be accessed with http://container.target.flaws2.cloud/proxy/http://flaws.cloud or http://container.target.flaws2.cloud/proxy/http://neverssl.com NOTE Credentials Location: EC2 instances store their IAM rol...AWS
Goodycybgoodycyb.hashnode.dev·Aug 11, 2023Level 2 - Containers Environmental VariablesAs stated in the Instruction, this level is operating within a container, resembling the setup of a website hosted on an S3 bucket along with other resources having open permissions. Just as a hint, the Elastic Container Registry (ECR) is named "leve...Flaws.CloudAWS
Goodycybgoodycyb.hashnode.dev·Aug 11, 2023Level-1: Input validation leading to compromisesFirst, see how to identify IPs and sub-domains associated with flaws2.cloud using nslookup Several IP addresses were identified. Now using nslookup command on the discovered IPs An AWS S3 bucket was identified: s3-website-us-east-1.amazonaws.co...32 readsFlaws.CloudAWS
Goodycybgoodycyb.hashnode.dev·Aug 8, 2023Analyzing CloudTrail Logs for AWS Security Incidents.🚀 Sign up for the challenge Here by Cyber-defender for Free AIM This lab aims to analyze the CloudTrail logs for AWS security incidents related to the IAM User "Security”. Disclaimer Keep in mind that the challenge questions are not directly stated ...84 readsThreat Detection 💡🕵️‍♂️🕸️AWS CloudTrail
Goodycybgoodycyb.hashnode.dev·Jun 20, 2023Level -6: "Auditing misconfigured IAM Account”In this final challenge, we are provided with a user access key that has the Security Audit policy attached to it. We are tasked with exploring the capabilities of this access key and uncovering any additional information or resources within the AWS ...26 readsaws-apigateway
Goodycybgoodycyb.hashnode.dev·Jun 20, 2023Level - 5: Exploiting Exposed Meta-DataWelcome to Level 5. For this level, we are given access to an EC2 instance hosting a simple HTTP proxy. The proxy allows us to access external resources through it. We are tasked with using this proxy to list the contents of the level 6 bucket level6...2 likes·45 readsFlaws.Cloudmetadata aws
Goodycybgoodycyb.hashnode.dev·Jun 20, 2023Level - 4: Exploiting Unencrypted EBS volume SnapshotsWelcome to Level 4. We have been assigned the task of accessing the web page running on an EC2 at 4d0cf09b9b2d761a7d87be99d17507bce8b86f3b.flaws.cloud for this level. 💡 💡 Recall at the end of Level -3, we were able to view the secret access key cr...28 readsAWS ebs