Tag Archive

| Follow @lancinimarco | Subscribe to CloudSecList

2016 6
2017 3
2018 11
2019 4
2020 10
2021 8
ansible 2
aws 12
azure 1
backups 2
cartography 4
cloud 17
consul 2
development 3
devops 11
docker 10
elasticsearch 2
exploit 2
gcp 10
go 3
gsuite 1
hashistack 3
iOS 8
infrastructure 8
kafka 2
kubernetes 12
needle 7
pentest 9
redteam 1
strategy 1
vagrant 1
vault 2

2016

Needle V0.1.1 Released

iOS 9: Effective Jailbreak

Needle V0.0.4 Released

Needle Status Update

A quick intro to Needle

Introducing Needle

2017

Docker + Consul + Vault: A Practical Guide

Needle meets Jenkins: how to include Needle in your CI pipeline

Needle v1.0.0 released: new native agent and support for iOS 10

2018

Critical Vulnerability in Kubernetes API Server (CVE-2018-1002105)

Red Teaming Mind Map from The Hacker Playbook 3

My Arsenal of Cloud Native (Security) Tools

Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)

So I Heard You Want to Learn Kubernetes

GoScan v2

Offensive Infrastructure: Introduction to Consul

Offensive ELK: Elasticsearch for Offensive Security

Robtex-Go: Go Client for the Robtex API

Introducing GoScan (aka a reason to learn Go)

Burp Pro as a Docker Container

2019

Cross Account Auditing in AWS and GCP

Introducing CloudSecList.com

Deploy Your Own Kubernetes Lab

Offensive Infrastructure: the HashiStack

2020

Semgrep for Cloud Security

Introducing CloudSecDocs.com

Domain-Wide Delegation of Authority in GSuite

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

So I Heard You Want to Learn Kafka

The Current State of Kubernetes Threat Modelling

Building a Serverless Mailing List in AWS

My Blogging Stack

Remote Development with a Chromebook in 2020

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

2021

Automated GDrive Backups with ECS and S3

Automated Github Backups with ECS and S3

On Establishing a Cloud Security Program

Automating Cartography Deployments on Kubernetes

Kubernetes Lab on Baremetal

Security Logging in Cloud Environments - GCP

A Quick Look at GKE Autopilot (in 15 minutes)

Security Logging in Cloud Environments - AWS

ansible

Deploy Your Own Kubernetes Lab

Offensive Infrastructure: the HashiStack

aws

Automated GDrive Backups with ECS and S3

Automated Github Backups with ECS and S3

Automating Cartography Deployments on Kubernetes

Security Logging in Cloud Environments - AWS

Semgrep for Cloud Security

Introducing CloudSecDocs.com

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

Building a Serverless Mailing List in AWS

My Blogging Stack

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

Cross Account Auditing in AWS and GCP

My Arsenal of Cloud Native (Security) Tools

azure

Introducing CloudSecDocs.com

backups

Automated GDrive Backups with ECS and S3

Automated Github Backups with ECS and S3

cartography

Automating Cartography Deployments on Kubernetes

Domain-Wide Delegation of Authority in GSuite

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

cloud

Automated GDrive Backups with ECS and S3

Automated Github Backups with ECS and S3

On Establishing a Cloud Security Program

Automating Cartography Deployments on Kubernetes

Security Logging in Cloud Environments - GCP

A Quick Look at GKE Autopilot (in 15 minutes)

Security Logging in Cloud Environments - AWS

Semgrep for Cloud Security

Introducing CloudSecDocs.com

Domain-Wide Delegation of Authority in GSuite

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

So I Heard You Want to Learn Kafka

Building a Serverless Mailing List in AWS

My Blogging Stack

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

Cross Account Auditing in AWS and GCP

Introducing CloudSecList.com

consul

Offensive Infrastructure: the HashiStack

Offensive Infrastructure: Introduction to Consul

development

Building a Serverless Mailing List in AWS

My Blogging Stack

Remote Development with a Chromebook in 2020

devops

Semgrep for Cloud Security

Introducing CloudSecDocs.com

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

So I Heard You Want to Learn Kafka

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

Introducing CloudSecList.com

Deploy Your Own Kubernetes Lab

Offensive Infrastructure: the HashiStack

My Arsenal of Cloud Native (Security) Tools

So I Heard You Want to Learn Kubernetes

Offensive Infrastructure: Introduction to Consul

docker

Introducing CloudSecDocs.com

Deploy Your Own Kubernetes Lab

Offensive Infrastructure: the HashiStack

My Arsenal of Cloud Native (Security) Tools

So I Heard You Want to Learn Kubernetes

GoScan v2

Offensive Infrastructure: Introduction to Consul

Offensive ELK: Elasticsearch for Offensive Security

Burp Pro as a Docker Container

Docker + Consul + Vault: A Practical Guide

elasticsearch

Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)

Offensive ELK: Elasticsearch for Offensive Security

exploit

Critical Vulnerability in Kubernetes API Server (CVE-2018-1002105)

Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)

gcp

Automated GDrive Backups with ECS and S3

Automating Cartography Deployments on Kubernetes

Security Logging in Cloud Environments - GCP

A Quick Look at GKE Autopilot (in 15 minutes)

Semgrep for Cloud Security

Introducing CloudSecDocs.com

Domain-Wide Delegation of Authority in GSuite

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

Cross Account Auditing in AWS and GCP

go

GoScan v2

Robtex-Go: Go Client for the Robtex API

Introducing GoScan (aka a reason to learn Go)

gsuite

Domain-Wide Delegation of Authority in GSuite

hashistack

Offensive Infrastructure: the HashiStack

Offensive Infrastructure: Introduction to Consul

Docker + Consul + Vault: A Practical Guide

iOS

Needle meets Jenkins: how to include Needle in your CI pipeline

Needle v1.0.0 released: new native agent and support for iOS 10

Needle V0.1.1 Released

iOS 9: Effective Jailbreak

Needle V0.0.4 Released

Needle Status Update

A quick intro to Needle

Introducing Needle

infrastructure

Automated GDrive Backups with ECS and S3

Automated Github Backups with ECS and S3

Domain-Wide Delegation of Authority in GSuite

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

Deploy Your Own Kubernetes Lab

Offensive Infrastructure: the HashiStack

Offensive Infrastructure: Introduction to Consul

kafka

Introducing CloudSecDocs.com

So I Heard You Want to Learn Kafka

kubernetes

On Establishing a Cloud Security Program

Automating Cartography Deployments on Kubernetes

Kubernetes Lab on Baremetal

A Quick Look at GKE Autopilot (in 15 minutes)

Semgrep for Cloud Security

Introducing CloudSecDocs.com

The Current State of Kubernetes Threat Modelling

Introducing CloudSecList.com

Deploy Your Own Kubernetes Lab

Critical Vulnerability in Kubernetes API Server (CVE-2018-1002105)

My Arsenal of Cloud Native (Security) Tools

So I Heard You Want to Learn Kubernetes

needle

Needle meets Jenkins: how to include Needle in your CI pipeline

Needle v1.0.0 released: new native agent and support for iOS 10

Needle V0.1.1 Released

Needle V0.0.4 Released

Needle Status Update

A quick intro to Needle

Introducing Needle

pentest

Red Teaming Mind Map from The Hacker Playbook 3

My Arsenal of Cloud Native (Security) Tools

Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)

GoScan v2

Offensive Infrastructure: Introduction to Consul

Offensive ELK: Elasticsearch for Offensive Security

Robtex-Go: Go Client for the Robtex API

Introducing GoScan (aka a reason to learn Go)

Burp Pro as a Docker Container

redteam

Red Teaming Mind Map from The Hacker Playbook 3

strategy

On Establishing a Cloud Security Program

vagrant

Deploy Your Own Kubernetes Lab

vault

Offensive Infrastructure: the HashiStack

Docker + Consul + Vault: A Practical Guide

Projects & Publications

Blog

About

2016

2017

2018

2019

2020

2021

ansible

aws

azure

backups

cartography

cloud

consul

development

devops

docker

elasticsearch

exploit

gcp

go

gsuite

hashistack

iOS

infrastructure

kafka

kubernetes

needle

pentest

redteam

strategy

vagrant

vault

About

CloudSec* Projects

Collections

Must Read

Recent Articles

Tags

Twitter Feed