• Blog
  • About Me
  • Contact
Application and Cloud Security Expert Application and Cloud Security Expert
  • Blog
  • About Me
  • Contact

hacking

Home / hacking /
By andres.riancho
In hacking
Posted October 13, 2019

Pivoting into VPC networks

Last week was the first public release of vpc-vpn-pivot , a tool that allows you to connect to private VPC subnets using an AWS Client VPN. I created this tool to allow penetration testers to [...]

READ MORE
By andres.riancho
In hacking
Posted June 6, 2019

Internet-Scale analysis of AWS Cognito Security

Just published the white-paper for my latest research: Internet-Scale analysis of AWS Cognito Security. The white-paper contains the methodology and results of an internet-scale security analysis [...]

READ MORE
By andres.riancho
In hacking, security
Posted March 4, 2019

BlackHat Training

Will and I have teamed up to bring you the Web Application Hacker Level-up Lab at Black Hat USA 2019! This hands-on course is designed for hungry intermediate+ penetration testers and seasoned [...]

READ MORE
 2019 Information Security Predictions
By andres.riancho
In hacking, security
Posted January 23, 2019

2019 Information Security Predictions

Cloud computing provider will suffer major breach And we’ll all reconsider running our most business-critical applications and storing our unencrypted information in the cloud. The hack [...]

READ MORE
By andres.riancho
In hacking, security
Posted May 28, 2018

reCAPTCHA bypass via HTTP Parameter Pollution

tl;dr I reported a reCAPTCHA bypass to Google in late January. The bypass required the web application using reCAPTCHA to craft the request to /recaptcha/api/siteverify in an insecure way; but [...]

READ MORE
By andres.riancho
In beginnings, hacking, security
Posted April 2, 2017

Hello world

I’m Andrés Riancho, and this is my blog. Hacker: Born and raised Argentine, husband, father, software developer, application and cloud security expert. Since I can remember I take things [...]

READ MORE
Recent Posts
  • Pivoting into VPC networks
  • Internet-Scale analysis of AWS Cognito Security
  • Information Security Conferences
  • Intro to AWS Hacking
  • BlackHat Training
Categories
  • beginnings
  • hacking
  • misc
  • security
PROFESSIONAL SERVICES
Application Penetration Testing
Developer Training
Cloud Security Assessment
Blog
  • Pivoting into VPC networks
    P
    Pivoting into VPC networks
  • Internet-Scale analysis of AWS Cognito Security
    I
    Internet-Scale analysis of AWS Cognito Security
  • Information Security Conferences
    I
    Information Security Conferences
CONTACT
Form
[email protected]
Andres Riancho. All Rights Reserved © 2017