AWS S3 POST Policy and Application Logic
I think application security is very much a friend of the cloud security because at all conditions they move in lockstep to keep things safer in the production world. I…
Category: Miscellaneous
Directory Listing and WordPress: Escalating Old School Bug
Introduction I vividly remember the days when directory listing was regarded as a significant issue during penetration testing engagements. As a penetration tester, another challenge was identifying creative ways to…
Passing Google Cloud Professional Security Engineer (GCPCE)
My inaugural experience with the Google Cloud Platform dates back to 2017. Embarking on the journey to become a Google Cloud Professional Security Engineer (GCPSE) may not seem extraordinary at…
OWASP Kathmandu Secret Badge CTF
On September 3rd, 2022, We organized the very first meetup of OWASP Kathmandu local chapter. Our(I and Corrupted_brain) minds were bursting with hundreds of ideas to make the event interesting…
Passing AWS Cloud Security Specialty.
I have always wondered what it takes to secure the AWS cloud from the next day of passing the Azure Security Engineer Associate exam. The purpose behind both exams is…
CEH Practical Walkthrough
CEH Practical is a 6 hours lab-based practical exam that includes a set of challenges with Web, Host, Forensic, and Network. The exam took place in iLabs, where we are…