Explore the results of an internet-scale analysis of AWS Cognito security configurations in this 57-minute conference talk from BruCON 0x0B. Delve into the identification of 2500 identity pools, which granted access to over 13000 S3 buckets, 1200 DynamoDB tables, and 1500 Lambda functions. Begin with an introduction to AWS Cognito and the configuration options that grant end-users direct access to AWS resources. Examine a step-by-step explanation, illustrated with specific demos, of the configuration weaknesses, followed by an automated approach for large-scale analysis. Learn about the challenges of identifying Cognito identity pool IDs, including the process of downloading and decompiling thousands of APKs from the Google Play store. Discover the in-depth permission brute-force tool used to analyze unauthenticated roles and identify potential violations of the principle of least privilege. Gain valuable recommendations for secure service configuration, along with insights into the reasons behind these widespread security issues, including poor documentation and examples on the AWS site.