09-17, 15:15–15:35 (Europe/Brussels), Main Room
Undocumented AWS APIs have been associated with a number of vulnerabilities over the time. They’ve been used to modify and access resources cross-tenant, evade detection from CloudTrail, be useful for privilege escalation, and more. For cloud researchers and security professionals, these vulnerabilities raise the question: “How can we effectively identify these hidden APIs at scale”?
In this talk I will present my methodology for discovering thousands of undocumented AWS APIs, talk about the challenges of this research, and release an open-source tool so that you can discover them for yourself. In addition, I will share an analysis of the full dataset of undocumented APIs I’ve been gathering for over a year.
Nick Frichette is a Staff Security Researcher at Datadog, where he specializes in offensive AWS security. He is known for finding multiple zero-day vulnerabilities in AWS services and regularly publishing on new attack techniques. In addition to his research, Nick is the creator and primary contributor to Hacking the Cloud, an open source encyclopedia of offensive security capabilities for cloud environments. He is also a part of the AWS Community Builder Program, where he develops content on AWS security.