diff --git a/strix/skills/cloud/aws.md b/strix/skills/cloud/aws.md index 13bc8a6..bb0a515 100644 --- a/strix/skills/cloud/aws.md +++ b/strix/skills/cloud/aws.md @@ -41,11 +41,11 @@ AWS misconfigurations frequently expose credentials, data, and lateral movement **Unauthenticated Enumeration** ``` -# S3 bucket existence (403 vs 404 reveals existence) -aws s3 ls s3://target-bucket --no-sign-request +# S3 bucket existence (403 = exists but private, 404 = doesn't exist or different region) +aws s3api head-bucket --bucket target-bucket --no-sign-request 2>&1 curl -I https://target-bucket.s3.amazonaws.com/ -# Public listing +# Public listing (confirms s3:ListBucket is granted to AllUsers) aws s3 ls s3://target-bucket --no-sign-request ``` diff --git a/strix/skills/vulnerabilities/insecure_deserialization.md b/strix/skills/vulnerabilities/insecure_deserialization.md index e7e6d9b..db38212 100644 --- a/strix/skills/vulnerabilities/insecure_deserialization.md +++ b/strix/skills/vulnerabilities/insecure_deserialization.md @@ -1,6 +1,6 @@ --- name: insecure_deserialization -description: Insecure deserialization testing for Java, Python, PHP, .NET, and Ruby covering gadget chains, type confusion, and safe validation +description: Insecure deserialization testing for Java, Python, PHP, .NET, Ruby, and Node.js covering gadget chains, type confusion, and safe validation --- # Insecure Deserialization