381 matches found
AWS-Loot - Pull Secrets From An AWS Environment
Searches an AWS environment looking for secrets, by enumerating environment variables and source code. This tool allows quick enumeration over large sets of AWS instances and services. Install pip install -r requirements.txt An AWS credential file .aws/credentials is required for authentication t...
DEBIAN-CVE-2022-22817
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...
CVE-2022-22817
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...
CVE-2022-22817
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...
CVE-2022-22817
PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used...
Workshop: Building Modern Applications with DevOps Security
In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility...
SyntheticSun - A Defense-In-Depth Security Automation And Monitoring Framework Which Utilizes Threat Intelligence, Machine Learning, Managed AWS Security Services And, Serverless Technologies To Continuously Prevent, Detect And Respond To Threats
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats. You sleep in fragmented glass With reflections o...
PT-2022-1455 · Pypi +9 · Pillow +9
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 9.0.1 Description: The issue allows evaluation of arbitrary expressions, such as ones that use the Python exec method. A lambda expression could also be used, potentially enabling a remote attacker to execute arbitrar...
PT-2021-6134 · Vim +4 · Vim +4
Name of the Vulnerable Software and Affected Versions: vim affected versions not specified Description: The issue is related to a heap-based buffer overflow in the vim text editor, specifically in the eval lambda function located in src/eval.c. This overflow occurs in dynamic memory and can be...
aadetools (>=0.0.3 <=0.0.5), aegea (>=2.0.0 <=2.2.5) +119 more potentially affected by CVE-2021-3572 via pip (>=10.0.0b2 <=21.0.1)
pip PYPI version =10.0.0b2, =0.0.3, =2.0.0, =0.1.2, =0.0.1, =5.1.0, =0.0.1, =0.0.0, =0.0.2, =0.1.0, =0.0.0, =0.1.0.dev1, =0.0.1, =0.0.1, =0.2.3 and more Source cves: CVE-2021-3572 Source advisory: OSV:PYSEC-2021-437...
Domain-Protect - Protect Against Subdomain Takeover
Protect Against Subdomain Takeover scans Amazon Route53 across an AWS Organization for domain records vulnerable to takeover vulnerable domains in Google Cloud DNS can be detected by Domain Protect for GCP deploy to security audit account scan your entire AWS Organization receive alerts by Slack ...
Serverless protection for execution environments made easy
Serverless computing is transforming the way we build, ship, automate, and scale applications. With no infrastructure to manage, organizations can move from ideation to market faster, with virtually no operational overhead. Consequently, these enterprises can now focus on just the code that serve...
lambda-tek.it Cross Site Scripting vulnerability OBB-2144289
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Secure Your Images with AWS Lambda Serverless Functions
NEW on AWS Lambda: Learn how to package up your serverless functions as container images...
Moving to AWS Lambda? Here’s what you need to know.
Serverless computing is transforming the way organizations build, ship, automate and scale applications. With no need to worry about infrastructure or who’s going to manage it, developers are free to focus on application development and innovation. The payoffs can be significant: Faster time to...
Security for AWS Lambda Serverless Applications
Serverless computing is another beautiful cloud-based advancement for developers. But, like all applications, proper security is required to maximize the benefits. Learn more in this article...
Nebula - Cloud C2 Framework, Which At The Moment Offers Reconnaissance, Enumeration, Exploitation, Post Exploitation On AWS
Nebula is a Cloud and hopefully DevOps Penetration Testing framework. It is build with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or...
Imperva® Offers Free Serverless Protection for AWS Lambda
Just as other instant computing infrastructures have done in the past, Function-as-a-Service FaaS now enables DevOps teams to deploy applications more efficiently at a fraction of the cost. AWS Lambda, Amazon Web Services’ AWS serverless approach to infrastructure, enables companies to go-to-mark...
What’s New in InsightAppSec and tCell: Q1 2021 in Review
2021 is off and running! The big question on the corporate world’s mind is, of course, “What will work life look like at the end of 2021?” With vaccines rolling out around the world, another shift is set to take place around when and where people put in their hours. As offices slowly start to...
What’s new on AWS Lambda in 2021
This article explores new updates and documentation for AWS Lambda in 2021. Lambda launched several new updates including run container images, cost saving initiatives, and expanded compute capacity...