Skip to content
View saw-your-packet's full-sized avatar

Block or report saw-your-packet

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
saw-your-packet/README.md

/whoami

Thanks for checking my profile! Here are some things about me:

  • πŸ˜„ I go by Eduard or saw-your-packet
  • πŸ”­ Doing cloud research with a focus on the offensive part of it
  • 🌩️ My areas of expertise are cloud security, web application penetration testing and security source code review
  • πŸ“« How to reach me: LinkedIn or Twitter
  • πŸ€“ You can follow my work on HackToDef.com

Tools and resources

EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.

A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs.

Resources for AWS post-exploitation scenarios where you have the permission ssm:SendCommand, but you can't use the AWS-RunPowerShellScript or AWS-RunShellScript documents.

Talks

Some of my talks:

Pinned Loading

  1. EC2StepShell EC2StepShell Public

    EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.

    Python 60 6

  2. CloudShovel CloudShovel Public

    A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where we scanned 20k+ public AMIs.

    Python 94 7