Explore common security misconfigurations in Amazon Cognito implementations and learn how to test for vulnerabilities during security audits or bug bounty hunting. This conference talk, presented by principal security consultant Yassine Aboukir at Hack In The Box Security Conference, delves into the potential cyber attack risks associated with improper Cognito setups. Discover a real-world case study of a zero-interaction account takeover on Flickr, and gain practical tips for developers to mitigate and avoid these security pitfalls. Benefit from Aboukir's expertise as a top-ranked bug bounty hunter and experienced speaker in the field of application and cloud security.
Hunting for Amazon Cognito Security Misconfigurations
Hack In The Box Security Conference via YouTube
Overview
Syllabus
#HITB2023HKT D2T1 - Hunting For Amazon Cognito Security Misconfigurations - Yassine Aboukir
Taught by
Hack In The Box Security Conference
Related Courses
-
Hunting for Amazon Cognito Security Misconfigurations
-
Bug Bounty Hunting: Website Hacking / Penetration Testing
-
Learn Bug Bounty Hunting & Web Security Testing From Scratch
-
OWASP Top 10 - A05:2021 - Security Misconfiguration
-
Web Security & Bug Bounty: Learn Penetration Testing
-
Implementing User Access and Authentication with Amazon Cognito
