How to exploit AWS Cognito.
AWS Cognito may be vulnerable in various ways. Often, user registration is permitted where a web application may not present user registration functionality. The following tool will help find these flaws:
https://github.com/padok-team/cognito-scannerarrow-up-right
cognito-scanner account-creation --region=eu-west-3 [email protected] --client_id=pucXBthcyRvzwqj0WXG28DQeav --username='cognito_user' --password='R4nd0mP4$$word'
Last updated 1 year ago
