Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Retire EC2 Credential Exfiltration Bypass and Add the New One #109

Closed
Frichetten opened this issue Jan 21, 2022 · 1 comment
Closed

Retire EC2 Credential Exfiltration Bypass and Add the New One #109

Frichetten opened this issue Jan 21, 2022 · 1 comment
Labels
validate and include Validate this information and add to documentation

Comments

@Frichetten
Copy link
Contributor

The Bypass Credential Exfiltration Detection will need to be deprecated, and the new bypass will need to be added. Additionally, it's worth investing more research time into this. Aside from VPC Endpoints there may be more obscure ways to divert network traffic and get around this detection.
@Frichetten Frichetten added the validate and include Validate this information and add to documentation label Jan 21, 2022
Frichetten added a commit that referenced this issue Jan 23, 2022
@Frichetten
Update #109: Updated the credential exfiltration article due to the n…
004e186 
…ew changes to GuardDuty. Added information about the new bypass
Frichetten added a commit that referenced this issue Jan 23, 2022
@Frichetten
Merge pull request #113 from Hacking-the-Cloud/update_ec2_credential_…
c22d828 
…exfiltration

Update #109: Updated the credential exfiltration article
@Frichetten
Copy link
Contributor Author

Handled in #113. Closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
validate and include Validate this information and add to documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Frichetten