Abusing Identity Providers in AWS
Exploit a misconfigured GitLab Identity Provider in AWS to gain access and compromise the account
Last updated
Exploit a misconfigured GitLab Identity Provider in AWS to gain access and compromise the account
Last updated
This is a lab I created for the cloud security training platform PwnedLabs.io.
The lab offers hands-on experience in navigating and exploiting real-world cloud vulnerabilities. You'll begin with ReadOnly access to an AWS account, uncover a misconfigured GitLab Identity Provider Trust Policy, exploit it, and ultimately compromise the account.
