NedTechie / Blog

Deep dives into cloud security, infrastructure & DevOps

Practical engineering articles on Linux, AWS, penetration testing, and the tools that keep modern systems running.

15 Articles

21 Topics

Featured

Two curl commands unlocking an S3 bucket

security April 14, 2026 32 min

How Two curl Commands Gave Me Full Access to an S3 Bucket

A routine API pentest revealed that AWS Cognito Identity Pools were handing out S3 credentials to anyone on the internet. Here is how I found it, what I got wrong along the way, and the step-by-step fix.

Nedim Hadzimahmutovic 32 min read

Latest Articles

View all

Terminal showing ls -l output with color-coded owner, group, and other permissions alongside an octal reference chart

Book Jan 18, 2025

Master Linux File Permissions and File Types While Your Coffee Brews

Linux Permissions and File Types Explained by Infographic and Exercises. Perfect for Your Morning Coffee Read.

23 min

Terminal showing Spinel compiling Ruby to native binary with 10x speedup benchmark

development May 23, 2026

I Wrote Ruby and the Compiler Made It 10x Faster

I wrote a log analyzer in Ruby. Then I compiled it to a native binary. It ran 10 times faster than the same algorithm in CRuby, and 3 tim...

15 min

curl command listing S3 bucket contents with no credentials

security Apr 24, 2026

Your S3 Bucket Is an Open Directory and You Probably Don't Know It

One curl command can enumerate every file in your S3 bucket. No credentials. No login. Just an HTTP GET. Here is how to find it, why it m...

9 min

A terminal showing a completed pentest with findings summary

security Apr 23, 2026

Breaking My Own Infrastructure: 12 Days, 19 Findings, 3 False Positives

Twelve days ago I opened a terminal, pointed curl at our staging API, and started breaking things. I didn’t have a plan. I didn’t have a ...

9 min

A door that looks locked from across the street but opens when you turn the handle

security Apr 22, 2026

What --dryrun Taught Me About Confidence

I shipped a false positive to my team. In bold. With a CRITICAL severity tag. And I was wrong. Not “wrong about a detail” wrong. Wrong a...

6 min

An ALB accepting X-Forwarded-For headers directly from the internet

security Apr 21, 2026

The Load Balancer That Trusted Everyone

Rate limiting is supposed to stop brute-force attacks. Ours didn’t. Not because the rate limiter was broken – it worked perfectly. The pr...

7 min

Sequential ID enumeration revealing finance records with sensitive data

security Apr 20, 2026

I Can Read Everyone's Invoices (and Found a Backdoor Inside)

I was testing my own finance records. Checking that the API returned the right data for my user. Standard BOLA test – try accessing someo...

7 min

A refresh token being used five times with all five attempts succeeding

security Apr 19, 2026

The Refresh Token That Wouldn't Die

I logged out. Then I used my old refresh token. It still worked. I used it again. Still worked. Five times. Ten times. A week later. Sti...

7 min

Terminal generating 1000 invoices at 3 AM with no rate limiting

security Apr 18, 2026

It's 3 AM and I'm Creating a Thousand Invoices

I wasn’t supposed to be awake at 3 AM. But I’d had too much coffee and my brain wouldn’t shut off, so I figured I’d do one more test befo...

5 min

Deep dives into cloud security, infrastructure & DevOps

Featured

How Two curl Commands Gave Me Full Access to an S3 Bucket

Latest Articles

Master Linux File Permissions and File Types While Your Coffee Brews

I Wrote Ruby and the Compiler Made It 10x Faster

Your S3 Bucket Is an Open Directory and You Probably Don't Know It

Breaking My Own Infrastructure: 12 Days, 19 Findings, 3 False Positives

What --dryrun Taught Me About Confidence

The Load Balancer That Trusted Everyone

I Can Read Everyone's Invoices (and Found a Backdoor Inside)

The Refresh Token That Wouldn't Die

It's 3 AM and I'm Creating a Thousand Invoices

Trending Tags