Address Greptile review feedback on AWS and deserialization skills
- Use head-bucket for S3 existence checks instead of duplicating s3 ls - Add Node.js to insecure_deserialization frontmatter description
This commit is contained in:
@@ -41,11 +41,11 @@ AWS misconfigurations frequently expose credentials, data, and lateral movement
|
|||||||
|
|
||||||
**Unauthenticated Enumeration**
|
**Unauthenticated Enumeration**
|
||||||
```
|
```
|
||||||
# S3 bucket existence (403 vs 404 reveals existence)
|
# S3 bucket existence (403 = exists but private, 404 = doesn't exist or different region)
|
||||||
aws s3 ls s3://target-bucket --no-sign-request
|
aws s3api head-bucket --bucket target-bucket --no-sign-request 2>&1
|
||||||
curl -I https://target-bucket.s3.amazonaws.com/
|
curl -I https://target-bucket.s3.amazonaws.com/
|
||||||
|
|
||||||
# Public listing
|
# Public listing (confirms s3:ListBucket is granted to AllUsers)
|
||||||
aws s3 ls s3://target-bucket --no-sign-request
|
aws s3 ls s3://target-bucket --no-sign-request
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
---
|
---
|
||||||
name: insecure_deserialization
|
name: insecure_deserialization
|
||||||
description: Insecure deserialization testing for Java, Python, PHP, .NET, and Ruby covering gadget chains, type confusion, and safe validation
|
description: Insecure deserialization testing for Java, Python, PHP, .NET, Ruby, and Node.js covering gadget chains, type confusion, and safe validation
|
||||||
---
|
---
|
||||||
|
|
||||||
# Insecure Deserialization
|
# Insecure Deserialization
|
||||||
|
|||||||
Reference in New Issue
Block a user