[RedTeam] Rotating Source IPs (Part 1) — AWS API Gateway

bigb0ss
4 min readJan 7, 2021

Intro

During a security engagement, especially for an evasive/covert type of assessment, you might need to hide your traffic as much as possible. Or if the client has implemented some type of IP based blocking, you might need to rotate your source IPs to bypass it to do something like password spraying, web application enumeration, etc. Also, Microsoft is no…

--

--

bigb0ss

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security