Hi readers, here we will be solving the GCPGoat module 1(Path 1). We will be going through the first path in this walk-through as shown in the diagram below. Video Walk-through: https://www.youtube.com/watch?v=cM46_c-zxh4 Solving Challenge- Finding storage buckets being used by web app- a. In the previous path (https://www.youtube.com/watch?v=dtLg4Z8bHNk&t=498s), we found a GCP…

Hi readers, here we will be deploying and solving GCPGoat module 1 challenge. We will be going through the second path in this walkthrough, as shown in the diagram below. Video Walkthrough: https://www.youtube.com/watch?v=fyCtrM3eCd8 https://www.youtube.com/watch?v=dtLg4Z8bHNk Prerequisites- a. Admin access in the GCP account(You can create a new free tier account) b…

Hi readers, here we will be looking into how can we allow Kubernetes to perform certain tasks in aws. We will also see how we can further fine-tune access to only specific service accounts within EKS cluster. Setting up scenario- Note: Before proceeding make sure your aws cli profile account and the aws…

Hi readers, here we will see how someone knowing/guessing role arn created for GitHub actions can escalate privileges. Creating scenario- Let’s assume we want GitHub actions to perform certain operations in our AWS account. For this example, we will be listing s3 buckets using GitHub actions. Steps- Adding GitHub as an Identity…

Hi readers, here we will be looking into creating malicious word documents with the intent of running system commands using macro functionality. Below is the sample VBA code for automatically opening notepad.exe. Sub AutoOpen() Dim Shell As Object Set Shell = CreateObject("wscript.shell") Shell.Run "notepad" End Sub Steps to add VBA…

https://gcpgoat.joshuajebaraj.com/ Scenario-1 Attacking Compute Engine Deployment ./create-scenario-1.sh Web Server: 35.194.173.109 2. Enumerating web server and finding ssrf- a. This web app loads websites and shows http responses-

Scenerio 11- detection_evasion git clone https://github.com/RhinoSecurityLabs/cloudgoat.git cd cloudgoat chmod +x cloudgoat.py ./cloudgoat.py config whitelist --auto ./cloudgoat.py create detection_evasion Scenario Resources (High Level) 4 IAM Users 2 EC2 instances 2 SecretsManager secrets A suite of detection mechanisms Scenario Start(s) 4 pairs of IAM Credentials. Scenario Goal(s) The goal of this scenario is to read out the values for both secrets without being…

Scenerio 9- codebuild_secrets git clone https://github.com/RhinoSecurityLabs/cloudgoat.git cd cloudgoat chmod +x cloudgoat.py ./cloudgoat.py config whitelist --auto ./cloudgoat.py create codebuild_secrets Scenario Resources 1 CodeBuild Project 1 Lambda function 1 VPC with: RDS x 1 EC2 x 1 2 IAM Users Scenario Start(s) IAM User “Solo” Scenario Goal(s) A pair of secret strings stored in a secure RDS database.