Karl Fosaaen
kfosaaen.bsky.social
VP of Research - @netspi
Co-author of “Penetration Testing Azure for Ethical Hackers” (http://amzn.to/3GOvW3A).
@kfosaaen on most other platforms
And finally here's a direct link to the tool -
github.com/NetSPI/Micro...
MicroBurst/Az/Get-AzWebAppTokens.ps1 at master · NetSPI/MicroBurst
A collection of scripts for assessing Microsoft Azure security - NetSPI/MicroBurst
July 24, 2025 at 3:41 PM
Cody really did all the heavy lifting here with figuring out the decryption. I just automated that process into a tool. Make sure to read his blog on that process - dazesecurity.io/blog/abusing...
Continuous Testing
July 24, 2025 at 3:41 PM
New Function (Get-AzLoadTestingData) was also added to MicroBurst to automate this attack
github.com/NetSPI/Micro...
MicroBurst/Az/Get-AzLoadTestingData.ps1 at master · NetSPI/MicroBurst
July 1, 2025 at 8:47 PM
TL;DR
The service allows you to run JMeter load tests.
It supports Managed Identities and Key Vaults.
You can get code execution on the service to extract tokens, vault secrets and certs.
July 1, 2025 at 8:47 PM
The tooling was inspired by the research in this talk by Aled Mehta and Christian Philipov - "[D24] Smoke and Mirrors: How to hide in Microsoft Azure" - www.youtube.com/watch?v=uvoV...
January 8, 2025 at 4:33 PM