recent posts
- Exploiting the n8n Git Node: A Tale of Bypasses and RCE (CVE-2026-25053)
- The Tail End of HTTP: Exploiting Trailer Parsing Discrepancies for Smuggling Attacks
- Authentication Bypass via Signature Forgery in Cisco’s node-jose (<= 2.2.0)
- Defense Evasion via Source Code Concealment in Cloud Functions (1st-Gen) – Attack & Detection
- Persistance via SSH Key Addition (Block Project-wide SSH Keys & OS Login)
- Privilege Escalation via Cloud Functions – Attack & Detection
about
Category: Cloud Security
-
Attack To cover the Malicious Source Code, we’ll be using a Non-Malicious source code.
-
SSH (Secure Shell) has long been the de facto standard for secure remote access to UNIX-based systems. Traditionally, SSH relies on key-based authentication, where a user’s Public Key is stored on the server, and the corresponding Private Key is held by the user. When the user attempts to connect, the server challenges the user to…
-
Attack Phase I – Ways to Deploy a Cloud Function in GCP There are three ways to deploy a Cloud Function in GCP: Reason to not use Cloud Console: While Cloud Console may seem user-friendly for creating resources in GCP, we won’t be using it. The reason being, creating resources in GCP often involves navigating…
anir-ban.blog 