Catching Secrets in the Cloud with Pawel Rzepa

OWASP DevSlop Project
OWASP DevSlop Project
Public group

Needs a location


Have you ever wonder if the access to your cloud kingdom is secure? Have you ever thought how cyber criminals are hunting for your secrets? How can you be sure that your secret is not "mistakenly" available to the public?

On the DelSlop show this week Pawel will show us different methods used by cyber criminals to find access keys, credentials and other secrets in the public Internet.

How can Shannon Entropy help you to do that? Pawel will show how he uses scanners to search an AWS space and will demonstrate his own tool to analyse big amounts of data in search for sensitive data.

Join us live on

Videos can be found afterwards at

Pawel is a senior security consultant in SecuRing. He has a wide experience in security field gained inter alia, as a fuzzer developer at Spirent, pentester at EY GSS, security auditor at Credit Agricole or threat analyst at IBM SOC.

His skills are proven by gaining both the OSCP and eMAPT certificates. Pawel actively supports the OWASP community as a one of the top contributors in the OWASP MSTG project and by organizing local OWASP chapter meetings in Wroclaw.