My Blog

Day 88 of my cloud security journey - CICD Goat - Gryphon

Day 87 of my cloud security journey - CICD Goat - Insufficient Flow Control Mechanism

Day 86 of my cloud security journey - CICD Goat - Improper Artifact Integrity Validation

Day 85 of my cloud security journey - CICD Goat - Inadequate Identity and Access Management

Day 84 of my cloud security journey - CICD Goat - Insufficient Flow Control Mechanisms

Day 83 of my cloud security journey - CICD Goat - Dependency Chain Abuse

Day 82 of my cloud security journey - CICD Goat - Insufficient PBAC

Day 81 of my cloud security journey - CICD Goat - PPE

Day 80 of my cloud security journey - CICD Goat - Secret Leakage

Day 79 of my cloud security journey - CICD Goat - Indirect Poisoned Pipeline Execution (PPE)

Day 78 of my cloud security journey - CICD Goat - Direct Poisoned Pipeline Execution (PPE)

Day 77 of my cloud security journey - Wiz - The Cloud Hunting Games

Day 76 of my cloud security journey - Introduction

Day 75 of my cloud security journey - SSRF on IMDSv1 - Simulation and Detection - Part 3

Day 74 of my cloud security journey - SSRF on IMDSv1 - Simulation and Detection - Part 2

Day 73 of my cloud security journey - SSRF on IMDSv1 - Simulation and Detection - Part 1

Day 72 of my cloud security journey - Cryptominer Based Security Events - Simulation and Detection - Part 2

Day 71 of my cloud security journey - Cryptominer Based Security Events - Simulation and Detection - Part 1

Day 70 of my cloud security journey - AWS CIRT WorkShop - Ransomware on S3 – Security Event Simulation and Detection - Part 2

Day 69 of my cloud security journey - AWS CIRT WorkShop - Ransomware on S3 – Security Event Simulation and Detection - Part 1

Day 68 of my cloud security journey - AWS CIRT WorkShop - Unauthorized IAM Credential Use – Security Event Simulation and Detection

Day 67 of my cloud security journey - PWNED LABS - Execute and Identify Credential Abuse in AWS

Day 66 of my cloud security journey - Assume Privileged Role with External ID

Day 65 of my cloud security journey - Cloud Security Journey

Day 64 of my cloud security journey - PWNED LABS - Breach in the Cloud

Day 63 of my cloud security journey - Cloud Security Journey

Day 62 of my cloud security journey - Cloud Security Journey

Day 61 of my cloud security journey - PWNED LABS - Investigate Threats with Amazon Detective

Day 60 of my cloud security journey - PWNED LABS - Secure S3 with Amazon Macie

Day 59 of my cloud security journey - PWNED LABS - Leverage Insecure Storage and Backups for Profit - Part 2

Day 58 of my cloud security journey - PWNED LABS - Leverage Insecure Storage and Backups for Profit - Part 1

Day 57 of my cloud security journey - PWNED LABS - Identify IAM Breaches with CloudTrail and Athena

Day 56 of my cloud security journey - PWNED LABS - Reveal Hidden Risks with AWS Security Hub

Day 55 of my cloud security journey - PWNED LABS - Understand Authentication Mechanisms Using Boto3

Day 54 of my cloud security journey - Cloud Security Journey

Day 53 of my cloud security journey - Attack - detection_evasion - Part 2

Day 52 of my cloud security journey - Attack - detection_evasion - Part 1

Day 51 of my cloud security journey - Cloud Security Journey

Day 50 of my cloud security journey - Attack - rds_snapshot

Day 49 of my cloud security journey - Hardening — iam_privesc_by_ec2

Day 48 of my cloud security journey - Cloud Security Journey

Day 47 of my cloud security journey - Hardening — iam_privesc_by_ec2

Day 46 of my cloud security journey - Attack — iam_privesc_by_ec2

Day 45 of my cloud security journey - Hardening — iam_privesc_by_attachment

Day 44 of my cloud security journey - Attack — iam_privesc_by_attachment

Day 43 of my cloud security journey - Hardening — ecs_takeover

Day 42 of my cloud security journey - Attack — ecs_takeover

Day 41 of my cloud security journey - Hardening `glue_privesc`

Day 40 of my cloud security journey - Attack — `Glue_privesc` - Part 2

Day 39 of my cloud security journey - Attack — `Glue_privesc` - Part 1

Day 38 of my cloud security journey - Hardening `rce_web_app`

Day 37 of my cloud security journey - Attack — `rce_web_app` - Part 2

Day 36 of my cloud security journey - Attack — `rce_web_app` - Part 1

Day 35 of my cloud security journey - Hardening `secrets_in_the_cloud`

Day 34 of my cloud security journey - Cloud Security Journey

Day 33 of my cloud security journey - Attack — `vpc_peering_overexposed` — Part 1 (and) Hardening - `vpc_peering_overexposed`

Day 32 of my cloud security journey - Attack — `vpc_peering_overexposed` — Part 1

Day 31 of my cloud security journey - Hardening - `iam_privesc_by_key_rotation`

Day 30 of my cloud security journey - Attack — `iam_privesc_by_key_rotation`

Day 29 of my cloud security journey - Hardening - `ecs_efs_attack`

Day 28 of my cloud security journey - Attack — `ecs_efs_attack` - Part 2

Day 27 of my cloud security journey - Attack — `ecs_efs_attack` - Part 1

Day 26 of my cloud security journey - Hardening - `ec2_ssrf`

Day 25 of my cloud security journey - Attack — `ec2_ssrf`

Day 24 of my cloud security journey - Hardening - `codebuild_secrets`

Day 23 of my cloud security journey - Attack — `codebuild_secrets` - Part-2

Day 22 of my cloud security journey - Attack — `codebuild_secrets` - Part 1

Day 21 of my cloud security journey - Cloud Security Journey

Day 20 of my cloud security journey - Defend - `federated_console_takeover`

Day 19 of my cloud security journey - Attack — `federated_console_takeover`

Day 18 of my cloud security journey - Defend - `sqs_flag_shop`

Day 17 of my cloud security journey - Attack — `sqs_flag_shop`

Day 16 of my cloud security journey - Defend - `cloud_breach_s3`

Day 15 of my cloud security journey - Attack — `cloud_breach_s3`

Day 14 of my cloud security journey - Cloud Security Journey

Day 13 of my cloud security journey - Cloud Security Journey

Day 12 of my cloud security journey - Defend - `vulnerable_cognito`

Day 11 of my cloud security journey - Cloud Security Journey

Day 10 of my cloud security journey - Defend Reports for Day 7 - `lambda_privesc`

Day 9 of my cloud security journey - AWS Lambda Privilege Escalation - Penetration Test Report - Claude Code

Day 8 of my cloud security journey - Defend - `lambda_privesc`

Day 7 of my cloud security journey - Attack — `lambda_privesc`

Day 6 of my cloud security journey - Defend - `beanstalk_secrets`

Day 5 of my cloud security journey - Attack — `beanstalk_secrets`

Day 4 of my cloud security journey - Defend - `sns_secrets`

Day 3 of my cloud security journey - Cloud Security Journey

Day 2 of my cloud security journey - Defend

Day 1 of my cloud security journey - Attack or Defend

Day 0 of my cloud security journey - Lab Setup