[RedTeam] Rotating Source IPs (Part 1) — AWS API Gateway

Intro

During a security engagement, especially for an evasive/covert type of assessment, you might need to hide your traffic as much as possible. Or if the client has implemented some type of IP based blocking, you might need to rotate your source IPs to bypass it to do something like password spraying, web application enumeration, etc. Also, Microsoft is no…

--

--

--

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

HTTP/2 and the HOL in the Waterfall

How to deliver headless content through GraphQL API and Content Fragments?

Perfect your user onboarding messages using Zapier, Airtable, and Notivize

How I Became a Software Engineer With an Electronics Degree?

How to set objectives with engineers

Performance Testing, Types & Work Load Scenarios

Role of routing table in restricting and allowing websites for pinging…

CS373 Spring 2022 Week 5 — David Tang

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
bigb0ss

bigb0ss

OSWE | OSCE | OSCP | CREST | Lead Offensive Security Engineer — All about Penetration Test, Red Team, Cloud Security, Web Application Security

More from Medium

Exploiting AWS Cross-Account access

AWS: Trusted Advisor, part 1 — its features overview

VPC S3 Endpoint with a Custom Policy

Aws Advanced Networking — Enhanced Networking — 3— Intel 82599 VF