Karl Fosaaen
VP, Research
More by Karl Fosaaen
Azure Deployment Scripts: Assuming User-Assigned Managed Identities
March 14, 2024
Learn how to use Deployment Scripts to complete faster privilege escalation with Azure User-Assigned Managed Identities.
Extracting Sensitive Information from the Azure Batch Service
February 28, 2024
The added power and scalability of Batch Service helps users run workloads significantly faster, but misconfigurations can unintentionally expose sensitive data.
Automating Managed Identity Token Extraction in Azure Container Registries
January 4, 2024
Learn the processes used to create a malicious Azure Container Registry task that can be used to export tokens for Managed Identities attached to an ACR.
Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps
November 16, 2023
NetSPI explores extracting managed identity credentials from Azure Function Apps to expose sensitive data.
Azure Cloud Security Pentesting Skills
October 11, 2023
At Black Hat, NetSPI VP of Research Karl Fosaaen sat down with the host of the Cloud Security Podcast, Ashish Rajan, to discuss all things Azure penetration testing. Give the video a watch and then head over to NetSPI's Azure Penetration Testing service to learn more.
NetSPI’s Dark Side Ops Courses: Evolving Cybersecurity Excellence
October 10, 2023
Check out our evolved Dark Side Operations courses with a fully virtual model to evolve your cybersecurity skillset.
Escalating Privileges with Azure Function Apps
March 23, 2023
Explore how undocumented APIs used by the Azure Function Apps Portal menu allowed for directory traversal on the Function App containers.
Pivoting with Azure Automation Account Connections
February 16, 2023
Discover a helpful function for enumerating potential pivot points from an existing Azure Automation Account with Contributor level access.
How to Gather Azure App Configurations
December 8, 2022
Learn how to gather access keys for App Configuration resources and how to use those keys to access the configuration key-value pairs.
Backdooring and Hijacking Azure AD Accounts by Abusing External Identities
November 11, 2022
This talk gives insight into the external identities concepts, into the technicalities that allowed these attacks to exist, and into ways to harden against these attacks and detect abuse of these vulnerabilities.
Abusing Azure Hybrid Workers for Privilege Escalation – Part 1
March 17, 2022
Configure Windows VMs in Azure for Hybrid Workers with "Run as" certificates. Check out this post for step-by-step guidance and tips.
How To Extract Credentials from Azure Kubernetes Service (AKS)
January 27, 2022
In this penetration testing blog, we explain how to extract credentials from the Azure Kubernetes Service (AKS) using the Contributor role permissions on an AKS cluster.