What's in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration - in a web app Pen test (Part 1) | JUMPSEC LABS
Tags
attack-pattern: Data Dns - T1071.004 Dns - T1590.002 Junk Data - T1001.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Serverless - T1583.007 Serverless - T1584.007
Show in Graph
Common Information
Type Value
UUID 58860f4c-7355-4a4e-90eb-3a5afa4e0411
Fingerprint e55d9b856831d4b9
Analysis status DONE
Considered CTI value 0
Text language
Published June 6, 2024, 6:42 a.m.
Added to db Aug. 31, 2024, 6:25 a.m.
Last updated Nov. 17, 2024, 10:43 p.m.
Headline What’s in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration – in a web app Pen test (Part 1)
Title What's in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration - in a web app Pen test (Part 1) | JUMPSEC LABS
Detected Hints/Tags/Attributes 52/1/8
Source URLs
Redirection Url
Details Source https://labs.jumpsec.com/whats-in-a-name-writing-custom-dns-tunnelling-protocol-on-the-fly-exploiting-unexpected-aws-lambda-misconfiguration-all-in-a-web-app-pen-test-part-1/
URL Provider
Details Provider Source level domain
Details jumpsec.com labs.jumpsec.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 149 JUMPSEC LABS https://labs.jumpsec.com/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 28 
subprocess.run
Details Domain 14 
oastify.com
Details Domain 1 
ns1.oastify.com
Details Domain 1 
foobar.oastify.com
Details Domain 1 
ns1.oaststify.com
Details File 674 
node.js
Details File 42 
request.url
Details IPv4 619 
0.0.0.0