No-Slop Research & Human Thoughts on Security

Topic

aws

A collection of 2 issues

Attacks as a Service with The DeRF

Leverage The DeRF for attacker simulations, validating security controls or enhancing cloud detection capabilities. DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation of repeatable detection samples in the cloud. Built on Google Workflows The DeRF is open-source

Abusing the Replicator: Silently Exfiltrating Data with the AWS S3 Replication Service

But how would you distinguish between legitimate backup activity and malicious data exfiltration on AWS S3? In this blog post, I walkthrough a malicious use of the S3 Replication service and how selective data event logging on the S3 service will result in a gap in S3 exfiltration visibility since