Mindblown: a blog about Cyber Security.

  • AWS IAM Roles Anywhere – Part 2

    In the previous post, I showed you how to create AWS IAM Roles Anywhere with external CA and in this post am going to discuss about some advance topics such as How to revoke a certificate There are multiple scenarios where you want to revoke an entity certificates like compromised entity or during off-boarding of […]

  • Chisel – Favourite red team tool

    Introduction Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable for both client / server connection. More details about this tool can be found here. Why is it useful ? Corporate network is not accessible from internet and its blocked by firewall. Chisel is helpful creating the proxy connection and […]

  • The Cuckoo’s Egg

    Introduction Another interesting cybersecurity book I have read this year. It’s fascinating to read about the Cyber security investigation by Cliff Stoll to catch the hacker. Book starts with Cliff Stoll tries to identify the discrepancy in the accounting system(I think 75c) and he ended up chasing the hacker and along the way Cliff learnt […]

  • AWS IAM Roles Anywhere – Part 1

    Introduction AWS recently released the IAM Roles Anywhere and its well thought and recommended feature instead of using Long term access keys for workloads. In short, AWS IAM Roles anywhere is based on x.509 certs by creating the trust between PKI and IAM. Why I have to use AWS IAM Roles Anywhere? Historically on-premise workloads […]

  • Countdown to zero day by Kim Zetter

    Introduction This is my first cyber security book I read and I got hooked into the story from page1 and its real page turner. I am fascinated and amazed at the same time how the digital weapon meets the kinetic warfare. Two decades ago it’s impossible to think someone said they uses computer to sabotage […]

  • Offensive Security

    What is Offensive Security? Recently I have developed interest in learning how bad actors exploiting the Information System and so I started spending most of my time understanding, practicing and identifying the vulnerable components in the application (Ethical way) to enhance my knowledge so that it will be useful to securely implement and protect the […]

  • Just-in-time(JIT) access to servers using Vault

  • Log4J Experiment

    Introduction Log4J is popular topic recently – Most of the apps are vulnerable for Log4J vulnerability. Below is my experiment locally exploiting the Log4J vulnerability. Vulnerable Code Reference – https://www.lunasec.io/docs/blog/log4j-zero-day/ Compile the vulnerable code and get it ready to execute Run the exploitable code using below docker command Change the IP address to your local IP […]

  • Hello world!

    Welcome to WordPress. This is your first post. Edit or delete it, then start writing!

Got any questions?