https://frichetten.com/blog/Personal blog, focused on information security. AWS, Web apps, offensive techniques, and more.Hugoen-ushttps://frichetten.com/blog/amplify-vuln-2024/Mon, 22 Apr 2024 00:00:40 -0600https://frichetten.com/blog/amplify-vuln-2024/Public disclosure of a vulnerability in AWS Amplify which exposed IAM roles associated with Amplify projects to be assumed by anyone in the world.https://frichetten.com/blog/minor-cross-tenant-vulns-app-runner/Mon, 03 Apr 2023 00:00:40 -0600https://frichetten.com/blog/minor-cross-tenant-vulns-app-runner/Writeup for two minor cross-tenant vulnerabilities I found in AWS App Runner.https://frichetten.com/blog/undocumented-amplify-api-leak-account-id/Mon, 27 Mar 2023 00:00:40 -0600https://frichetten.com/blog/undocumented-amplify-api-leak-account-id/Writeup for a technique I found to leak an AWS account ID from an Amplify app.https://frichetten.com/blog/aws-api-protocols/Mon, 23 Jan 2023 00:00:40 -0600https://frichetten.com/blog/aws-api-protocols/An introduction to AWS API protocols and how they work.https://frichetten.com/blog/appsync-vulnerability-disclosure/Mon, 21 Nov 2022 00:00:40 -0600https://frichetten.com/blog/appsync-vulnerability-disclosure/Datadog: Technical analysis of a confused deputy vulnerability I found in AWS AppSync.https://frichetten.com/blog/openssl-punycode-vuln/Tue, 01 Nov 2022 00:00:40 -0600https://frichetten.com/blog/openssl-punycode-vuln/Datadog: A technical analysis of the OpenSSL punycode vulnerability.https://frichetten.com/blog/revisiting_lambda_persistence/Thu, 16 Sep 2021 00:00:40 -0600https://frichetten.com/blog/revisiting_lambda_persistence/Revisiting and building on the original Lambda persistence technique.https://frichetten.com/blog/xss_in_aws_console/Thu, 03 Jun 2021 00:00:40 -0600https://frichetten.com/blog/xss_in_aws_console/Writeup for a cross-site scripting bug I found in the AWS Console.https://frichetten.com/blog/ssm-agent-tomfoolery/Wed, 27 Jan 2021 00:00:40 -0600https://frichetten.com/blog/ssm-agent-tomfoolery/Research on post-exploitation techniques against SSM Agent abusing send-command and start-session.https://frichetten.com/blog/aws-api-enum-vuln/Sat, 17 Oct 2020 00:00:40 -0600https://frichetten.com/blog/aws-api-enum-vuln/Writeup for a bug I discovered in the AWS API that would allow you to enumerate certain permissions for a role without logging to CloudTrail.https://frichetten.com/blog/abusing-aws-connection-tracking/Tue, 11 Aug 2020 00:00:40 -0600https://frichetten.com/blog/abusing-aws-connection-tracking/Tunnel out of restricted security groups by abusing connection tracking.https://frichetten.com/blog/abusing-gitlab-runners/Sat, 11 Jul 2020 00:16:40 -0600https://frichetten.com/blog/abusing-gitlab-runners/Some research I did on abusing GitLab Runners to steal information by emulating a runner's behavior.https://frichetten.com/blog/cve-2020-11108-pihole-rce/Sun, 10 May 2020 00:16:40 -0600https://frichetten.com/blog/cve-2020-11108-pihole-rce/Writeup for CVE-2020-11108 covering how I found the vulnerability and how it can be exploited for fun/profit.https://frichetten.com/blog/escalating-deserialization-attacks-python/Sun, 23 Feb 2020 17:16:40 -0600https://frichetten.com/blog/escalating-deserialization-attacks-python/Demonstrating how to exploit deserialization attacks in Python 2/3https://frichetten.com/blog/intercept-linux-cli-tool-traffic/Sat, 11 Jan 2020 17:16:40 -0600https://frichetten.com/blog/intercept-linux-cli-tool-traffic/A guide on how to intercept Linux CLI tool traffic with Burp Suitehttps://frichetten.com/blog/bypass-guardduty-pentest-alerts/Wed, 04 Sep 2019 17:16:40 -0600https://frichetten.com/blog/bypass-guardduty-pentest-alerts/A guide to bypass the GuardDuty PenTest Finding Typehttps://frichetten.com/blog/hijack-iam-roles-and-avoid-detection/Mon, 01 Jul 2019 17:16:40 -0600https://frichetten.com/blog/hijack-iam-roles-and-avoid-detection/A guide on how to steal IAM role keys and use them without being detectedhttps://frichetten.com/blog/idor-attacks/Tue, 04 Jun 2019 17:16:40 -0600https://frichetten.com/blog/idor-attacks/An introduction to IDOR attackshttps://frichetten.com/blog/content-security-policy/Mon, 03 Dec 2018 17:16:40 -0600https://frichetten.com/blog/content-security-policy/An in depth overview of the Content Security Policy headerhttps://frichetten.com/blog/angular-universal/Thu, 04 Oct 2018 17:16:40 -0600https://frichetten.com/blog/angular-universal/Some advice based on my experience with Angular Universalhttps://frichetten.com/blog/oscp-review/Mon, 23 Jul 2018 17:16:40 -0600https://frichetten.com/blog/oscp-review/My thoughts and experiences with the OSCP