https://arbaazjamadar.com/wiz/Recent content in Wiz: The Ultimate Cloud Security Championship on Security Writeups | HackTheBox | Wiz CTF | AWS Cloud Security | CVE Analysis | Arbaaz Jamadar Hugo -- gohugo.io enreachout@arbaazjamadar.com (Arbaaz Jamadar) reachout@arbaazjamadar.com (Arbaaz Jamadar)©2025 arbaazjamadar.comThu, 02 Apr 2026 00:00:00 +0000 https://arbaazjamadar.com/wiz/wiz-happy-birthday/ Thu, 02 Apr 2026 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/wiz-happy-birthday/ Loose resource policies enable the attacker to perform unauthenticated data exfiltration from S3 bucket. The attacker is able to collect and develop all the resource arn's via publicly available endpoints.CTFCTF WriteupCloud SecurityMisconfigurationssecurity CTF writeupWiz CTF writeupWizHappy BirthdayData ExfilCompromised IncidentHappy BirthdaywizWIZWiZWiz: Happy BirthdayWiz: BirhtdayCode analysisApplication SecurityreversingLoose PoliciesLoosely configured StringLike Conditional ChecksBypass StringLikeSNS topic ExfilEnumerate S3 bucketsAccount ID derivationCTF WriteupsCloud SecurityNetwork SecurityWeb SecurityRace conditionStatic code analysisApplication Security https://arbaazjamadar.com/wiz/wiz-trust-issues/ Tue, 24 Mar 2026 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/wiz-trust-issues/ Exploiting Race condition to gain access to the web app as adminCTFCTF WriteupCloud SecurityMisconfigurationssecurity CTF writeupWizTrust IssuesIncident ResponseCompromised IncidentTrust IssueswizclaudeWIZWiZWiz: Trust IssuesWiz: IssuesCode analysisApplication Securityreversingsupply chainsupply chain vulnerabilityCTF WriteupsCloud SecurityNetwork SecurityWeb SecurityRace conditionStatic code analysisApplication Security https://arbaazjamadar.com/wiz/wiz-confession-booth/ Sat, 21 Mar 2026 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/wiz-confession-booth/ Exploiting Race condition to gain access to the web app as adminCTFCTF WriteupCloud SecurityMisconfigurationssecurity CTF writeupWizConfession Boothgorace conditionsconfessionswizclaudeAI assistedWIZWiZWiz: Confession BoothWiz: ConfessionCode analysisApplication SecurityreversingCTF WriteupsCloud SecurityNetwork SecurityWeb SecurityRace conditionStatic code analysisApplication Security https://arbaazjamadar.com/wiz/game-of-pods/ Tue, 13 Jan 2026 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/game-of-pods/ Moving laterally and abusing secret creation for creating a secret of type service account token to get privileged users token. Then abuse the proxy and status to proxy the requests to authenticate with the kube-apiserver itself for getting cluster admin role and leaking secrets and all the information.CTFCTF WriteupCloudSecurityMisconfigurationsKubernetes security CTF writeupWIZWIZ: Game of PodsGame of PodsWiz Cloud security ChampionshipSecurity EngineerCloud SecurityHacktricksExploitationPrivilege EscalationKubernetesBash ScriptingLocating Public ExploitsFixing Public ExploitsInformation GatheringCVE-2022-3294nodes/proxynodes/statusLateral movementabusing secretsabusing service account tokensk8s-debug-bridgeCTF WriteupsCloud SecurityKubernetesCluster HardeningKubernetes Privilege Escalation https://arbaazjamadar.com/wiz/state-of-affairs/ Sun, 11 Jan 2026 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/state-of-affairs/ Exploiting race condition to get sensitive information using terraform statefile-rce vulnerability.CTFCTF WriteupCloudSecurityMisconfigurationsIaC security CTF writeupWIZWIZ: State of AffairsState of AffairsWiz Cloud security ChampionshipSecurity EngineerCloud SecurityHacktricksExploitationPrivilege EscalationTerraformBash ScriptingLocating Public ExploitsFixing Public ExploitsInformation GatheringCTF WriteupsCloud SecuritySupply Chain AttackTerraformTerraform Privilege Escalation https://arbaazjamadar.com/wiz/wiz-needle-in-a-haystack/ Sun, 28 Sep 2025 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/wiz-needle-in-a-haystack/ Using OSINT tools to deep dive into enumeration and exploiting misconfigured services to gain access to restricited endpoints.CTFCTF WriteupVibe coding vulnerabilitiesVibe codingCloudSecurityMisconfigurationsInsecure api usageAPI security CTF writeupWIZWIZ: Needle in a haystackNeedle in a haystackCTF WriteupsCloud SecurityAPIAPI Security https://arbaazjamadar.com/wiz/azure-graph-api-oauth-abuse-guest-privilege-escalation/ Tue, 02 Sep 2025 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/azure-graph-api-oauth-abuse-guest-privilege-escalation/ Step-by-step attack chain abusing Azure Graph API with OAuth client credentials, dynamic group rules, and guest invitations to exfiltrate blob storage data. Includes defensive gaps, mitigations, and security best practices.CTFCTF WriteupAzure Graph API exploitationAzureEntra IDMonitoringCloudSecurityMisconfigurationsNetworkingOAuth client credentials abuseAzure guest accessGraph APIdynamic group privilege escalationAzure blob storage exfiltrationEntra ID admin consent abuseAzure security CTF writeupWIZBreaking The BarriersCTF WriteupsCloud SecurityContainersDevSecOps https://arbaazjamadar.com/wiz/container-escape-ctf-tcpdump-postgresql-core-pattern/ Wed, 27 Aug 2025 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/container-escape-ctf-tcpdump-postgresql-core-pattern/ End-to-end CTF write-up: sniff PostgreSQL creds with tcpdump, gain RCE via COPY FROM PROGRAM, escalate with sudo, and break out to host using /proc/sys/kernel/core_pattern. Includes detection & mitigations.CTFCTF WriteupDockerContainer EscapeContainer HardeningKubernetesCloudSecurityMisconfigurationsNetworkingmicroservicesHorizontal Privilege EscalationPostgreSQLRCEtcpdumpCOPY FROM PROGRAMsystem mount vulnerabilitiescore_pattern exploituevent_helperWIZContain me if you canCTF WriteupsCloud SecurityContainersDevSecOps https://arbaazjamadar.com/wiz/perimeterleak/ Tue, 26 Aug 2025 00:00:00 +0000 reachout@arbaazjamadar.com (Arbaaz Jamadar) https://arbaazjamadar.com/wiz/perimeterleak/ Cloud Security CTF Writeup: Exploiting AWS IMDSv2, SSRF, and Spring Boot Actuator misconfigurations to access restricted S3 buckets.AWSCloud SecurityCTF WriteupS3SSRFIMDSv2Spring Boot ActuatorMisconfigurationsIAM RolesReverse-ProxyLeast PrivilegeVPC EndpointDevSecOpsCloud MisconfigurationWIZObservabilityCTFWIZ Perimeter Leak