Rogue OIDC IdP persistence (AWS) TL;DR: Plant an attacker-controlled OIDC IdP in the target account to mint STS sessions via federation, evading access-key-centric detections. Stub — to be filled in. What it is TODO Preconditions / where it applies TODO Technique TODO Detection and defence TODO References https://www.offensai.com/blog/rogueoidc-aws-persistence-and-evasion-through-attacker-controlled-oidc-identity-provider