Category Archives: Tools

Cloud Services Enumeration – AWS, Azure and GCP

TL;DR: We have built cloud enumeration scripts now available @ https://github.com/NotSoSecure/cloud-service-enum/. This script allows pentesters to validate which cloud tokens (API keys, OAuth tokens and more) can access which cloud service. As cloud environments are becoming increasingly popular, we are seeing a rise in cloud environment usage in production. From… Read More

Hunting the Delegation Access

Active Directory (AD) delegation is a fascinating subject, and we have previously discussed it in a blog post and later in a webinar. To summarize, Active Directory has a capability to delegate certain rights to non (domain/forest/enterprise) admin users to perform administrative tasks over a specific section of AD. This… Read More