[>_] Home [>_] Services [>_] Skills [>_] Certifications [>_] Experience [>_] Education [>_] Volunteering [>_] Projects [>_] Publications [>_] Writeups [>_] Contact
Bug
Bounty
Intermediate
AWS Bug Bounty P1 Critical

$3,000 SSRF Bug: Pivoting from a Public Endpoint to Internal AWS Metadata

How a blind SSRF in an image-processing endpoint exposed internal AWS IAM credentials via the metadata …

Feb 5, 2026 · 9–11 min read