Beast Attack in Hanami with Dynamodb

A Beast Attack (Binding Excessive API Abuse) occurs when an API allows clients to specify object identifiers or ordering in a way that leads to excessive data exposure or resource consumption. In a Hanami application using Amazon DynamoDB as the persistence layer, this can manifest when query parameters, sort keys, or pagination controls are reflected directly into DynamoDB request construction without strict validation or authorization checks. Because DynamoDB is a NoSQL store, the structure of keys and indexes can amplify the impact if an attacker manipulates key conditions or scans to access unrelated items or drive high read capacity usage.

Consider a Hanami endpoint that lists user notifications by sorting on a timestamp attribute. If the sort direction (ASC or DESC) and the partition key are supplied directly from the client without verifying that the requesting user owns the data, a Beast Attack can allow enumeration of other users’ notifications or force the query to scan a large portion of a DynamoDB table. DynamoDB’s pagination tokens and LastEvaluatedKey responses can be abused to drive sequential scans across partitions when combined with predictable key schemas. This becomes more pronounced when the Hanami service reuses the same DynamoDB table for multiple aggregates without proper access controls on the query parameters.

Another scenario involves filtering on non-key attributes using ExpressionAttributeNames and ExpressionAttributeValues constructed from user input. If the attribute names are not whitelisted, an attacker can inject unexpected names to probe other item attributes, effectively bypassing intended data isolation. Because DynamoDB does not enforce row-level permissions natively, the Hanami application must implement ownership checks before issuing Query or Scan requests. Without those checks, a Beast Attack can pivot across users by manipulating sort keys, filter expressions, or pagination limits, leading to excessive data retrieval and potential exposure of sensitive records.

In the context of middleBrick’s LLM/AI Security checks, such API surfaces are relevant because unchecked query parameters can also expose prompts or configuration stored alongside API metadata. For example, if notification items include system prompts or debugging fields, a Beast Attack could unintentionally leak those values through verbose responses or error messages. MiddleBrick’s scans detect whether endpoints reflect unchecked user input into backend calls and highlight risks tied to data exposure and excessive agency patterns, even when the backend is a managed store like DynamoDB.

To mitigate Beast Attack risks in Hanami with DynamoDB, enforce strict parameter validation, ownership checks, and scoped queries. Use whitelists for sort directions and attribute names, and avoid directly passing client-supplied keys into DynamoDB request builders. Implement per-request authorization that confirms the current subject has access to the targeted partition key.

Example: Safe Query with Ownership Check

require "aws-sdk-dynamodb"

class NotificationRepository
  def initialize(table_name = "notifications")
    @dynamodb = Aws::DynamoDB::Client.new
    @table = table_name
  end

  def for_user(user_id, sort_direction: :desc, limit: 20)
    raise ArgumentError, "Invalid sort direction" unless %i[asc desc].include?(sort_direction)

    direction = sort_direction == :desc ? "DESC" : "ASC"
    opts = {
      table_name: @table,
      key_condition_expression: "user_id = :uid",
      expression_attribute_values: {
        ":uid" => { s: user_id }
      },
      scan_index_forward: direction == "ASC",
      limit: limit
    }

    response = @dynamodb.query(opts)
    response.items.map { |it| Notification.from_dynamodb(it) }
  end
end

Example: Safe Filter with Attribute Whitelisting

class SearchRepository
  ALLOWED_FILTER_ATTRS = %w[status category created_at]

  def search(user_id, filters = {})
    # Ensure filters only contain whitelisted attributes
    safe_filters = filters.select { |k, _| ALLOWED_FILTER_ATTRS.include?(k) }

    expression_attribute_names = {}
    expression_attribute_values = { ":uid" => { s: user_id } }

    safe_filters.each_with_index do |(attr, value), idx|
      placeholder = ":f#{idx}"
      expression_attribute_names["##{attr}"] = attr
      expression_attribute_values[placeholder] = { s: value }
    end

    filter_clause = safe_filters.map { |attr, _| "##{attr} = :f#{safe_filters.keys.index(attr)}" }.join(" AND ")

    opts = {
      table_name: "notifications",
      key_condition_expression: "user_id = :uid",
      filter_expression: filter_clause.empty? ? nil : filter_clause,
      expression_attribute_names: expression_attribute_names.empty? ? nil : expression_attribute_names,
      expression_attribute_values: expression_attribute_values
    }

    @dynamodb.query(opts).items.map { |it| Notification.from_dynamodb(it) }
  end
end

Example: Pagination Safety with Exclusive Start Key

class PaginatedRepository
  def list_last_evaluated(user_id, last_key = nil, limit: 10)
    opts = {
      table_name: "notifications",
      key_condition_expression: "user_id = :uid",
      expression_attribute_values: { ":uid" => { s: user_id } },
      limit: limit
    }
    opts["exclusive_start_key"] = last_key if last_key

    response = @dynamodb.query(opts)
    { items: response.items.map { |it| Notification.from_dynamodb(it) }, last_evaluated_key: response.last_evaluated_key }
  end
end

These patterns ensure that user-controlled inputs are never directly used to manipulate key conditions or expression names. Hanami services should validate direction, enforce ownership checks against the current subject, and avoid exposing raw LastEvaluatedKey to clients without integrity checks. By combining these practices with middleBrick’s continuous monitoring (Pro plan) or CI/CD integration (GitHub Action), teams can detect regressions that reintroduce Beast Attack surfaces before they reach production.