Amazon AWS
Cognito
AWS Cognito helps to authenticate users using amazon solutions, if identity pool is enabled it is possible to gather a temporary token
https://blog.appsecco.com/exploiting-weak-configurations-in-amazon-cognito-in-aws-471ce761963
Found secrets?
Use those secrets in aws CLI
Once inside, escalate your privileges
https://dhiyaneshgeek.github.io/cloud/security/2022/06/23/aws-misconfigurations/
Bucket Decloaker
https://gist.github.com/fransr/a155e5bd7ab11c93923ec8ce788e3368