SlideShare a Scribd company logo

Owning the cloud

n|u - The Open Security Community
n|u - The Open Security Community
1 of 13
Download to read offline
 Software as a service is an "on-demand software" supplied by "Application- Service-Providers" (ASPs), in which software and associated data are centrally hosted on the cloud, and accessed by users using a web browser
.ASPX;.JPEG
Internal FilePath Disclosure
 Meterpreter >> Higher getsystem Privilege
Owning the cloud
Owning the cloud
Owning the cloud

Recommended

Ead pertemuan-12
Ead pertemuan-12Ead pertemuan-12
Ead pertemuan-12Yudha Arif Budiman
 
EXTERNAL- Better Self Enablement Overview
EXTERNAL- Better Self Enablement OverviewEXTERNAL- Better Self Enablement Overview
EXTERNAL- Better Self Enablement OverviewDhaneesh ..
 
Mule salesforce integration patterns
Mule salesforce integration patternsMule salesforce integration patterns
Mule salesforce integration patternsD.Rajesh Kumar
 
The Three Musketeers (Authentication, Authorization, Accounting)
The Three Musketeers (Authentication, Authorization, Accounting)The Three Musketeers (Authentication, Authorization, Accounting)
The Three Musketeers (Authentication, Authorization, Accounting)Sarah Conway
 
Truzztcar mvp
Truzztcar mvpTruzztcar mvp
Truzztcar mvph-bauer2014
 
AAA Protocol
AAA ProtocolAAA Protocol
AAA ProtocolNetwax Lab
 
Netcore - Emergic MailArray - Email Archiving & Compliance Solution
Netcore - Emergic MailArray - Email Archiving & Compliance SolutionNetcore - Emergic MailArray - Email Archiving & Compliance Solution
Netcore - Emergic MailArray - Email Archiving & Compliance SolutionNetcore Solutions
 
Application server
Application serverApplication server
Application servernava rathna
 

Recommended

Ead pertemuan-12
Ead pertemuan-12Ead pertemuan-12
Ead pertemuan-12Yudha Arif Budiman
 
EXTERNAL- Better Self Enablement Overview
EXTERNAL- Better Self Enablement OverviewEXTERNAL- Better Self Enablement Overview
EXTERNAL- Better Self Enablement OverviewDhaneesh ..
 
Mule salesforce integration patterns
Mule salesforce integration patternsMule salesforce integration patterns
Mule salesforce integration patternsD.Rajesh Kumar
 
The Three Musketeers (Authentication, Authorization, Accounting)
The Three Musketeers (Authentication, Authorization, Accounting)The Three Musketeers (Authentication, Authorization, Accounting)
The Three Musketeers (Authentication, Authorization, Accounting)Sarah Conway
 
Truzztcar mvp
Truzztcar mvpTruzztcar mvp
Truzztcar mvph-bauer2014
 
AAA Protocol
AAA ProtocolAAA Protocol
AAA ProtocolNetwax Lab
 
Netcore - Emergic MailArray - Email Archiving & Compliance Solution
Netcore - Emergic MailArray - Email Archiving & Compliance SolutionNetcore - Emergic MailArray - Email Archiving & Compliance Solution
Netcore - Emergic MailArray - Email Archiving & Compliance SolutionNetcore Solutions
 
Application server
Application serverApplication server
Application servernava rathna
 
e-SUAP - Security - Windows azure access control list (english version)
e-SUAP - Security - Windows azure access control list (english version)e-SUAP - Security - Windows azure access control list (english version)
e-SUAP - Security - Windows azure access control list (english version)Sabino Labarile
 
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrations
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and IntegrationsCloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrations
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrationspaulfallon
 
OAuth
OAuthOAuth
OAuthAdi Challa
 
Web Services Container
Web Services ContainerWeb Services Container
Web Services ContainerJorgen Thelin
 
Cad
CadCad
CadRajSingh734307
 
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...Nexgen Technology
 
Saas security
Saas securitySaas security
Saas securitySandeep Sharma IIMK Smart City,IoT,Bigdata,Cloud,BI,DW
 
Reuters_Connect
Reuters_ConnectReuters_Connect
Reuters_ConnectDan Polito
 
Windows Azure in Qatar
Windows Azure in QatarWindows Azure in Qatar
Windows Azure in Qatarguestb9112
 
AAA Implementation
AAA ImplementationAAA Implementation
AAA ImplementationAhmad El Tawil
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Azure appservice
Azure appserviceAzure appservice
Azure appserviceRaju Kumar
 
Mule esb api layer
Mule esb api layerMule esb api layer
Mule esb api layerPraneethchampion
 
Rest API Automation with REST Assured
Rest API Automation with REST AssuredRest API Automation with REST Assured
Rest API Automation with REST AssuredTO THE NEW Pvt. Ltd.
 
CMS (content management system)
CMS (content management system)CMS (content management system)
CMS (content management system)aaina_katyal
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
SaaSPlex Enterprise
SaaSPlex EnterpriseSaaSPlex Enterprise
SaaSPlex EnterpriseLa Lakis
 
IAM Federation - Pop-up Loft TLV 2017
IAM Federation - Pop-up Loft TLV 2017IAM Federation - Pop-up Loft TLV 2017
IAM Federation - Pop-up Loft TLV 2017Amazon Web Services
 
WSO2Con 2011: Introduction to Stratos
WSO2Con 2011: Introduction to StratosWSO2Con 2011: Introduction to Stratos
WSO2Con 2011: Introduction to StratosAfkham Azeez
 
Nomadic crossings hybrid cloud primer
Nomadic crossings hybrid cloud primerNomadic crossings hybrid cloud primer
Nomadic crossings hybrid cloud primerJoseph Vito
 
Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)n|u - The Open Security Community
 
Osint primer
Osint primerOsint primer
Osint primern|u - The Open Security Community
 

More Related Content

What's hot

e-SUAP - Security - Windows azure access control list (english version)
e-SUAP - Security - Windows azure access control list (english version)e-SUAP - Security - Windows azure access control list (english version)
e-SUAP - Security - Windows azure access control list (english version)Sabino Labarile
 
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrations
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and IntegrationsCloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrations
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrationspaulfallon
 
Web Services Container
Web Services ContainerWeb Services Container
Web Services ContainerJorgen Thelin
 
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...Nexgen Technology
 
Reuters_Connect
Reuters_ConnectReuters_Connect
Reuters_ConnectDan Polito
 
Windows Azure in Qatar
Windows Azure in QatarWindows Azure in Qatar
Windows Azure in Qatarguestb9112
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Azure appservice
Azure appserviceAzure appservice
Azure appserviceRaju Kumar
 
Rest API Automation with REST Assured
Rest API Automation with REST AssuredRest API Automation with REST Assured
Rest API Automation with REST AssuredTO THE NEW Pvt. Ltd.
 
CMS (content management system)
CMS (content management system)CMS (content management system)
CMS (content management system)aaina_katyal
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS ProtocolsPeter R. Egli
 
SaaSPlex Enterprise
SaaSPlex EnterpriseSaaSPlex Enterprise
SaaSPlex EnterpriseLa Lakis
 
IAM Federation - Pop-up Loft TLV 2017
IAM Federation - Pop-up Loft TLV 2017IAM Federation - Pop-up Loft TLV 2017
IAM Federation - Pop-up Loft TLV 2017Amazon Web Services
 
WSO2Con 2011: Introduction to Stratos
WSO2Con 2011: Introduction to StratosWSO2Con 2011: Introduction to Stratos
WSO2Con 2011: Introduction to StratosAfkham Azeez
 
Nomadic crossings hybrid cloud primer
Nomadic crossings hybrid cloud primerNomadic crossings hybrid cloud primer
Nomadic crossings hybrid cloud primerJoseph Vito
 

What's hot (20)

e-SUAP - Security - Windows azure access control list (english version)
e-SUAP - Security - Windows azure access control list (english version)e-SUAP - Security - Windows azure access control list (english version)
e-SUAP - Security - Windows azure access control list (english version)
 
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrations
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and IntegrationsCloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrations
Cloud Circle Talk - Enterprise Architecture, Cloud Computing and Integrations
 
OAuth
OAuthOAuth
OAuth
 
Web Services Container
Web Services ContainerWeb Services Container
Web Services Container
 
Cad
CadCad
Cad
 
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
ATTRIBUTE-BASED DATA SHARING SCHEME REVISITED IN CLOUD COMPUTING,bulk ieee pr...
 
Saas security
Saas securitySaas security
Saas security
 
Reuters_Connect
Reuters_ConnectReuters_Connect
Reuters_Connect
 
Windows Azure in Qatar
Windows Azure in QatarWindows Azure in Qatar
Windows Azure in Qatar
 
AAA Implementation
AAA ImplementationAAA Implementation
AAA Implementation
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
 
Azure appservice
Azure appserviceAzure appservice
Azure appservice
 
Mule esb api layer
Mule esb api layerMule esb api layer
Mule esb api layer
 
Rest API Automation with REST Assured
Rest API Automation with REST AssuredRest API Automation with REST Assured
Rest API Automation with REST Assured
 
CMS (content management system)
CMS (content management system)CMS (content management system)
CMS (content management system)
 
AAA & RADIUS Protocols
AAA & RADIUS ProtocolsAAA & RADIUS Protocols
AAA & RADIUS Protocols
 
SaaSPlex Enterprise
SaaSPlex EnterpriseSaaSPlex Enterprise
SaaSPlex Enterprise
 
IAM Federation - Pop-up Loft TLV 2017
IAM Federation - Pop-up Loft TLV 2017IAM Federation - Pop-up Loft TLV 2017
IAM Federation - Pop-up Loft TLV 2017
 
WSO2Con 2011: Introduction to Stratos
WSO2Con 2011: Introduction to StratosWSO2Con 2011: Introduction to Stratos
WSO2Con 2011: Introduction to Stratos
 
Nomadic crossings hybrid cloud primer
Nomadic crossings hybrid cloud primerNomadic crossings hybrid cloud primer
Nomadic crossings hybrid cloud primer
 

More from n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Owning the cloud

  • 1.
  • 2. Software as a service is an "on-demand software" supplied by "Application- Service-Providers" (ASPs), in which software and associated data are centrally hosted on the cloud, and accessed by users using a web browser
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10. Meterpreter >> Higher getsystem Privilege