HackerTrans
TopNewTrendsCommentsPastAskShowJobs

frothy-dashcam

no profile record

comments

frothy-dashcam
·3 ay önce·discuss
I absolutely second the OP. I used to be a penetration tester and whenever I had low level contributor access to an internal repository I managed to break out into the cloud and in 99% of cases I was an administrator after that. CI/CD is remote code execution as a service and way too often way too misconfigured. When I say low-level contributor access, I mean the level you give an intern who joins your company for a two-week summer internship. They come as an unpaid intern, they leave as an AWS administrator. Pretty good deal in my book ;) Thank you so much for creating the tool. This might drive the point home just how easy it is to exploit this stuff.