Craig Hays

AWS

How to Define Vulnerability Testing Scope

August 3, 2019 By Craig Hays

Reading Time: 6 minutes

When it comes to vulnerability testing, what should be in scope? In my view, that’s a really easy question to answer.

Everything.

Everything connected to your organisation’s network or using your organisation’s resources, including in the cloud, is in scope. The weighting of vulnerability findings will take into consideration their physical location as well as the data they hold and the services they provide. This might also change the frequency of the vulnerability tests you run against them. Unless we include it in scope, we’ll never know what risk it presents to us.

Focus Areas

  1. Networked devices
  2. Cloud Services
  3. Mobile devices (smartphones, tablets, etc.)

Bug Bounty Hunting Tips #3 — Kicking S3 Buckets

February 22, 2018 By Craig Hays

Reading Time: 4 minutes

There has been a lot of press recently about misconfigured Amazon S3 buckets leaking confidential information. The root cause is that, in the past, S3 buckets have been incredibly easy to misconfigure. Sometimes buckets are made web accessible to anyone. Other times buckets are web restricted but can be accessed through the Amazon S3 API by any authenticated AWS user.

Due to the nature and number of these breaches, Amazon have recently released their Trusted Advisor service for S3 for free to everyone to try to crack down on the problem. The challenge now is getting people to look at the new output and make changes based on the feedback. In the meantime, let’s have some fun kicking over S3 buckets to see what bounties fall out.

Finding S3 Buckets

S3 buckets are all reachable via a web interface, whether access is permitted or not. The URL format is:



· © Craig Hays, 2006–2023 ·
