Section Contents

• 📄 HTB: BlackSky

  A deep dive into AWS misconfigurations. Enumerating public S3 buckets, recovering leaked keys, and abusing IAM PutUserPolicy to takeover the account.

• 📄 HTB: Sink

  Exploiting a custom header IDOR to access the GCP Metadata Service, leading to Service Account compromise.

• 📄 HTB: Stacked

  Breaking out of a Serverless Lambda function. Chaining XSS to Lambda deployment, then pivoting to the Cloud Controller.