Discovering and exploiting remote hosts running vulnerable versions of Windows distributions
Usually, Windows KVM Virtualization is not supported on several cloud platforms like Digitalocean, OVH, Linode, etc. But some users found a workaround this restriction by booting an unsecured version of Windows distros available at places like WhatUpTime.com. The only problem being, they use a redundant weak password for all their machines. I collected a list of vulnerable machines via the search API at shodan and brute-forced them with the default password. The results were great. I quickly shared my findings with Digitalocean and they took down those machines.
Python, REST APIs, Hydra(Kali-Linux)
#T hird-Party Services Shodan.io
AWS