hacking

Last week was the first public release of vpc-vpn-pivot , a tool that allows you to connect to private VPC subnets using an AWS Client VPN. I created this tool to allow penetration testers to [...]

Just published the white-paper for my latest research: Internet-Scale analysis of AWS Cognito Security. The white-paper contains the methodology and results of an internet-scale security analysis [...]

Will and I have teamed up to bring you the Web Application Hacker Level-up Lab at Black Hat USA 2019! This hands-on course is designed for hungry intermediate+ penetration testers and seasoned [...]

Cloud computing provider will suffer major breach And we’ll all reconsider running our most business-critical applications and storing our unencrypted information in the cloud. The hack [...]

tl;dr I reported a reCAPTCHA bypass to Google in late January. The bypass required the web application using reCAPTCHA to craft the request to /recaptcha/api/siteverify in an insecure way; but [...]

I’m Andrés Riancho, and this is my blog. Hacker: Born and raised Argentine, husband, father, software developer, application and cloud security expert. Since I can remember I take things [...]