TLDR; Last week I participated in the "Hack The Amazon Interview - Find The Memory Leak" by @NahamSec and @bugpoc_official. Here is the challenge description: “We insecurely stored a Python variable called SECRET_API_KEY somewhere on our server. Try to find it! - http://doggo.buggywebsite.com” Here are the main steps I followed to solv...

Last week I took part in "[REDACTED] first-ever AWS Capture the Flag" and since the challenge is not online anymore I thought I would write how I solved it. When you open the target you see a website that let you check if your website is down by entering the URL into the form. If the website is up (the response status code is 200) you ...