Hello there and thanks for your interest! Here are some things about me:
- 😄 I go by Eduard or saw-your-packet
- 🔭 Doing cloud research with a focus on the offensive part of it
- 🌩️ My areas of expertise are cloud security, web application penetration testing and security source code review
- 📫 How to reach me: LinkedIn or Twitter
- 🤓 You can follow my work on HackToDef.com and OffensAI.com/blog
Minimal Rogue OpenID Connect (OIDC) Provider implementation in Python for AWS role assumption using OIDC authentication.
EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.
A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs.
Resources for AWS post-exploitation scenarios where you have the permission ssm:SendCommand, but you can't use the AWS-RunPowerShellScript or AWS-RunShellScript documents.
Some of my talks:
- AWS CloudQuarry: Digging for secrets in public AMIs at DEF CON 32
- A Methodical Approach to Privilege Escalation in AWS at DefCamp Cluj-Napoca 2024
- The C2 tool no one talks about: AWS SSM - Run Command at SecurityFest 2023
- Cloud Security: Transitioning from Reactivity to Proactivity at Cloud Security Alliance Romania
- Cloud Configuration Review – The new internal pentest at DefCamp 2022