Headshot of Karl Fosaaen

Karl Fosaaen

VP, Research

As a VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI's Portland, OR team. Karl has a Bachelors of Computer Science from the University of Minnesota and has been in the security consulting industry for 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book "Penetration Testing Azure for Ethical Hackers" with David Okeyode.

More by Karl Fosaaen

Security Magazine: Closing the cloud skills gap as adoption grows

NetSPI's VP of Research, Karl Fosaaen, weighs in on addressing the cybersecurity skills gap to avoid data security risks during cloud migrations.

Learn More
Cloud Pentesting

Azure Deployment Scripts: Assuming User-Assigned Managed Identities

Learn how to use Deployment Scripts to complete faster privilege escalation with Azure User-Assigned Managed Identities.

Learn More
Cloud Pentesting

Extracting Sensitive Information from the Azure Batch Service 

The added power and scalability of Batch Service helps users run workloads significantly faster, but misconfigurations can unintentionally expose sensitive data.

Learn More
Cloud Pentesting

Automating Managed Identity Token Extraction in Azure Container Registries

Learn the processes used to create a malicious Azure Container Registry task that can be used to export tokens for Managed Identities attached to an ACR.

Learn More
Cloud Pentesting

Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps 

NetSPI explores extracting managed identity credentials from Azure Function Apps to expose sensitive data.

Learn More
Videos & Livestreams

Azure Cloud Security Pentesting Skills

At Black Hat, NetSPI VP of Research Karl Fosaaen sat down with the host of the Cloud Security Podcast Ashish Rajan to discuss all things Azure penetration testing. Give the video a watch and then head over to NetSPI's Azure Penetration Testing service to learn more.

Learn More
Personnel Development

NetSPI’s Dark Side Ops Courses: Evolving Cybersecurity Excellence

Check out our evolved Dark Side Operations courses with a fully virtual model to evolve your cybersecurity skillset.

Learn More
Cloud Pentesting

Escalating Privileges with Azure Function Apps

Explore how undocumented APIs used by the Azure Function Apps Portal menu allowed for directory traversal on the Function App containers.

Learn More
Cloud Pentesting

Pivoting with Azure Automation Account Connections

Discover a helpful function for enumerating potential pivot points from an existing Azure Automation Account with Contributor level access.

Learn More
Cloud Pentesting

How to Gather Azure App Configurations

Learn how to gather access keys for App Configuration resources and how to use those keys to access the configuration key-value pairs.

Learn More
Videos & Livestreams

Backdooring and Hijacking Azure AD Accounts by Abusing External Identities

This talk gives insight into the external identities concepts, into the technicalities that allowed these attacks to exist, and into ways to harden against these attacks and detect abuse of these vulnerabilities.

Learn More
Cloud Pentesting

Abusing Azure Hybrid Workers for Privilege Escalation – Part 1

Configure Windows VMs in Azure for Hybrid Workers with "Run as" certificates. Check out this post for step-by-step guidance and tips.

Learn More