Explore common security misconfigurations in Amazon Cognito implementations and learn how to test for vulnerabilities during security audits or bug bounty hunting. This conference talk, presented by principal security consultant Yassine Aboukir at Hack In The Box Security Conference, delves into the potential cyber attack risks associated with improper Cognito setups. Discover a real-world case study of a zero-interaction account takeover on Flickr, and gain practical tips for developers to mitigate and avoid these security pitfalls. Benefit from Aboukir's expertise as a top-ranked bug bounty hunter and experienced speaker in the field of application and cloud security.