This is a talk that was delivered as part of NahamCon EU 2022 virtual conference. The topic outlines and discusses a few common security misconfigurations that affects Amazon Cognito implementation along with various techniques and methods to test against these security issues.