Designing least-privilege AWS IAM policies for people, fuzzing 5G and CPUs by proxy, the first security scanner for Istio.
Effectively shifting left, protecting your S3 buckets from ransomware, exercises to learn Falco in your browser.
New issue of Phrack, 10 often missed web vulnerabilities, Facebook whistleblower comes forward about the dangers of its products.
Setting up strong AWS security guardrails, tool to explore lateral movement and privilege escalation in GitHub orgs, dank AWS memes from Corey Quinn.
Detailed breakdown of why authorization is hard, how we should approach vendor security going forward, a Chrome extension to find secrets.
How to build security tooling developers love, a playground to practice privilege escalation in AWS, career advice from @lcamtuf and Corey Quinn.
Infosec infographics, GraphQL guide and server fingerprinting tool, a survey of the trade-offs of various API token types.
How to mentor and grow employees, Mark Dowd on how and why defense is gaining the advantage, and a plugin to bridge Ghidra and Frida.
Travis McPeak recommends
[tl;dr sec] 98 - Cloud Security Orienteering, Last S3 Document You’ll Need
How to orienteer in a cloud environment, dig in to identify the risks that matter, and put together actionable plans that address short-, medium-, and long-term goals.
[tl;dr sec] #97 - Attacking HTTP/2, Securing GitHub Projects