!hannah ๐ฆ(@infosec.exchange) is a user on infosec.exchange. You can follow them or interact with them if you have an account anywhere in the fediverse.
If you don't, you can sign up here.
Good in-depth writing: "AWS Privilege Escalation โ Methods and Mitigation" by Rhino Security Labs. Covers 17
https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/
They also make exploits / tools available on their Github https://github.com/RhinoSecurityLabs/Security-Research
----
Excerpt:
This post will cover our recent findings in new IAM Privilege Escalation methods โ 17 in total โ which allow an attacker to escalate from a compromised low-privilege account to full administrative privileges.
