This week's articles
Attacking GitLab CI/CD via Shared Runners
An attacker who can get their malicious pipeline executing on a runner can steal information for other work executing on the same runner, and subsequently gain access to production systems.
#attack
#ci/cd
Reversing AWS IAM unique IDs
How to identify the ARN of a user/role from AWS IAM unique IDs, often seen in CloudTrail logs.
#aws
#explain
#iam
Okta for Red Teamers - Perimeter Edition
Post focusing on red team strategies for targeting Okta in initial access phases. It covers identifying Okta portals, setting up phishing infrastructure, evading Okta's behavioral detection, and prevention and detection recommendations for blue teams.
#attack
#saas
|