Navneet · SCP to restrict AWS regions and the weird behaviour of AWS global services · As a best practice to keep the cost under control and to better manage security, enterprises typically allow access to some AWS regions. · 3 min read · Feb 15, 2023
Navneet · Load Balance Traffic to Private EC2 instances · Configure AWS Application Load Balancer (ALB) to distribute the HTTP traffic across a set of private EC2 instances present in private… · 4 min read · Feb 14, 2023
Navneet · Adding a Layer of Security Using AWS PrivateLink · 3 min read · Oct 31, 2023
Navneet · Common Issues in S3 Cross-Account Access · Let’s explore the potential issues that can arise when setting up cross-account access to S3. Cross-account access involves a situation… · 5 min read · Oct 17, 2023
Navneet · JWT Key Confusion Attack: Part2 · In Part1 we discussed the Key Confusion Attack. In this post we will use a vulnerable JWT application by Sjoerd Langkemper to demonstrate… · 3 min read · Feb 11, 2021
Navneet · JWT Key Confusion Attack: Part1 · This post deals with the theory of Key Confusion Attack. Part2 deals with solving the JWT Lab by Sjoerd Langkemper to demonstrate the Key… · 3 min read · Feb 11, 2021
Navneet · Maintaining Session in NTLM Authentication · I came across a web application which uses NTLMv2 for authentication. I logged in to the application (provided my credentials for the… · 4 min read · Jul 30, 2020
Navneet · PyCharm shortcuts you need every minute. · 5 min read · Nov 23, 2019
Navneet · Test_xss_the_rightway_2 · In part_1 of this series we talked about how the generic payload — <script> alert(‘XSS’) </script> to test XSS doesn’t execute in different… · 3 min read · Apr 16, 2019