Hunting for Amazon Cognito Security Misconfigurations

NahamSec via YouTube

YouTube videos curated by Class Central.

Classroom Contents

  1. Intro
  2. Introduction to AWS Cognito
  3. How to tell if an application is using Amazon Cognito?
  4. Unauthorized access to AWS services due to Liberal AWS Credentials
  5. Authentication bypass due to enabled Signup API action
  6. Privilege escalation through writable user attributes
  7. Security misconfiguration #4: Updating email attribute before verification
  8. Recommendations for developers
