Notes from Blog Posts

As a security researcher I read a lot of blog posts. Reading once doesn’t mean learning (atleast in my case). So I write down the important points I wish to learn from the blog posts and regularly recall them. Cloud Exploiting SSRF in AWS Elastic Beanstalk When you get SSRF in AWS instance, try to…

Efficient way to pentest Android Chat Applications

Setting up a pentest environment for a single Android application to test its functionalities is simple. The process involves just setting up an Android emulator, installing the app, sending the traffic through a proxy tool like BurpSuite and playing with the traffic to find interesting behaviour. When it comes to setting up pentest environment for…

Architecting the Cloud

The five characteristics of cloud computing are network access, elasticity, resource pooling, measured service and on-demand self-service Cloud bursting – application deployment model in which an application runs in a private cloud or data center and bursts into a public cloud when the demand for computing capacity spikes. Cloud computing worst practices Traditional software –…