-
How To: Rotate Your Ip Address
Background Often, one needs to generate a new IP for every request sent to a target. This is quite useful for getting around rate-limiting controls that may be present. Details The easiest way to do this is by using fireprox, a tool which relies on the AWS API Gateway service that is accessible via the free tier of AWS. Getting started is simple: Download fireprox from the above link Create an AWS account Generate security keys by going to “My Security Credentials” in your AWS account (should be a menu option in the dropdown under your account name once you’re logged into AWS) Execute fireprox with your security keys, specifying the target you’d like to rotate the source IP with Here’s an example:…more
-
Amazon AWS Insecure S3 Buckets Redux
In a previous post, I discussed the problems with insecure Amazon AWS S3 buckets, and introduced a simple Python program to hunt for them. Since that time about two months ago, there have been numerous other breaches, including DoD’s CENTCOM and its social media spying program OUTPOST. So, I’ve updated the code in the Github repository above to do slightly more thorough scanning, including patterns matching the bucket names used in recent breaches.…more