Web Exploitation SSRF Deep Dive: Pivoting to Cloud Metadata, Internal Scans, and Filter Bypass
A practical guide to Server-Side Request Forgery: cloud metadata theft, internal port scanning, filter bypass, and Blue Team defenses.
Cloud Security
Web Exploitation 
Tools & Defense AWS Security Fundamentals and Attack Techniques: IAM, S3, and the Metadata Service
A practical primer on attacking and defending AWS: IAM enumeration, S3 misconfigurations, IMDS abuse, and Pacu.
Cloud Security Breaking Serverless: Attacking AWS Lambda from Event Injection to RCE
How attackers turn Lambda event injection into code execution and credential theft, and how blue teams stop it.
Cloud Security Enumerating and Exploiting AWS with Pacu
A practical walkthrough of using Pacu to enumerate AWS identities, IAM permissions, and discover privilege escalation paths.