Acacia Labs

Acacia Labs

Enumeration via the AWS Backup service

Overview An attacker with permissions of at least backup:List* or backup:Describe* permissions can enumerate the AWS Backup service to potentially find critical resources in an AWS account without needing to use traditional, well-monitored and heavily scrutinised reconnaissance commands for individual services. The AWS Backup service supports the following

Populating Azure environment with test data

I was trying to get access to the Microsoft Developer Program simply because they allow you to load in a sample dataset that will configure your test environment with user accounts, groups etc to mock a real environment. This is probably useful if you are developing against the platform, but

Cloud security - Got Milk? IAM enumeration and S3 compromise

Cloud security - Got Milk? IAM enumeration and S3 compromise

(__) (oo) /------\/ "Moo-ving to S3!" / | || * /\---/\ ~~ ~~ References: The IAM policies and commands used in this scenario were based on the following CTF: https://pwnedlabs.io/labs/intro-to-aws-iam-enumeration Fictitious Scenario Delaney's Dairy reached out requesting assistance with a recent cloud compromise. A file that contained their pricing

Malware analysis - .NET - Backdoor GlobalProtect application

Malware analysis - .NET - Backdoor GlobalProtect application

Sample * Name: Setup.exe * SHA256: e3880c7db78e09748fe9caf02f330b1c61cd3aaaa31ffe93fb5ba1fb1035f761 References * Trend Micro: https://www.trendmicro.com/en_us/research/24/h/threat-actors-target-middle-east-using-fake-tool.html Overview * Fake Palo Alto GlobalProtect installer application targeting the Middle East. * The installer, Setup.exe, drops GlobalProtect.exe. * GlobalProtect.exe allows the operator to run PowerShell, download/upload files and

Cryptography in malware - RSA/DiffieHellman/ECC

Cryptography in malware - RSA/DiffieHellman/ECC

Objectives * Provide an overview of fundamental RSA/DiffieHellman/ECC concepts in an easy to digest format. * Provide a reference for later review of fundamental RSA/DiffieHellman/ECC concepts.

Cryptography in malware - Salsa/ChaCha fundamentals - Cheatsheet

Cryptography in malware - Salsa/ChaCha fundamentals - Cheatsheet

Objectives * Provide an overview of fundamental Salsa/ChaCha concepts in an easy to digest format. * Provide a reference for later review of fundamental Salsa/ChaCha concepts. Additional notes * Key size: 256 bits * Nonce size: 64 bits * Counter size: 64 bits * Key stream size: 512 bits

Cryptography in malware - AES fundamentals - Cheatsheet

Cryptography in malware - AES fundamentals - Cheatsheet

Objectives * Provide an overview of fundamental AES concepts in an easy to digest format. * Provide a reference for later review of fundamental AES concepts.

Cryptography in malware - Fundamental concepts - Cheatsheet

Cryptography in malware - Fundamental concepts - Cheatsheet

Objectives: * Provide an overview of fundamental cryptography concepts in an easy to digest format. * Provide a reference for later review of fundamental cryptography concepts. Fundamental 1 - Key concepts - Key terms Fundamental 2 - Key concepts - Symmetric vs Asymmetric