SESNSploit: Red Team Exploitation of AWS SES and SNS Misconfigurations
Mohd. Arif, Gaurav Joshi
Cloud Village @ DEF CON 33 · Day 1 · Cloud Village
This talk introduces **SESNSploit**, a specialized red team tool designed to identify and exploit common misconfigurations within Amazon Web Services' **Simple Notification Service (SNS)** and **Simple Email Service (SES)**. Presented by Mohd. Arif, standing in for the tool's ideators Gaurav Joshi and HK, the session highlights how these often-overlooked messaging and email services can become critical attack vectors when improperly secured. The tool streamlines the process of reconnaissance, policy analysis, and exploitation, allowing security professionals to simulate real-world attacks.
AI review
SESNSploit is a boto3 wrapper around well-understood SNS/SES misconfiguration patterns — wildcard principals, unvalidated Lambda input — dressed up as a red team tool release. The attack scenarios are real and the Terraform lab scaffolding is a nice touch, but none of this is novel research; it's a scripted version of what any competent cloud pentester does manually on day one.