rootsecdev's profile picture. Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.

rootsecdev

@rootsecdev

Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.

Pinned

Just wanted to remind everyone. Azure Cloud training does not need to be super expensive. You just need to know where to look. Because that is what hackers do. #Azure #Cloud #Hacking Books: amazon.com/Penetration-Te… Labs: github.com/iknowjason/Awe… Free SANS Courses (on demand):…


rootsecdev reposted

New blog out! It’s not rocket science, but if an attacker has access to Front Door WAF and Log Analytics, they could be skimming plaintext credentials from users thanks to Front Door’s verbose logging.

nyxgeek's tweet image. New blog out! It’s not rocket science, but if an attacker has access to Front Door WAF and Log Analytics, they could be skimming plaintext credentials from users thanks to Front Door’s verbose logging.

Your Web Application Firewall (WAF) sees EVERYTHING 👁️ In our new blog, @nyxgeek demonstrates how an attacker with access to #Azure Front Door’s WAF and Log Analytics can potentially skim credentials from a site behind the WAF. Read it now! trustedsec.com/blog/skimming-…



rootsecdev reposted

Only 82 more days until Q4 is over.


rootsecdev reposted

Your Web Application Firewall (WAF) sees EVERYTHING 👁️ In our new blog, @nyxgeek demonstrates how an attacker with access to #Azure Front Door’s WAF and Log Analytics can potentially skim credentials from a site behind the WAF. Read it now! trustedsec.com/blog/skimming-…


I hear some folks in IT may have a banger of a weekend

rootsecdev's tweet image. I hear some folks in IT may have a banger of a weekend

I really need to amp up my xitter usage. But for now…

rootsecdev's tweet image. I really need to amp up my xitter usage. But for now…

Red Hat Consulting breach puts over 5000 high profile enterprise customers at risk — in detail | by Kevin Beaumont | Oct, 2025 | DoublePulsar doublepulsar.com/red-hat-consul…


rootsecdev reposted

Attackers appearing to be aligned with the Clop ransomware group have sent emails to Oracle customers seeking extortion payments, claiming they stole data from the tech giant’s E-Business Suite, according to researchers who spoke with CyberScoop. scoopmedia.co/432c7D1

CyberScoopNews's tweet image. Attackers appearing to be aligned with the Clop ransomware group have sent emails to Oracle customers seeking extortion payments, claiming they stole data from the tech giant’s E-Business Suite, according to researchers who spoke with CyberScoop. scoopmedia.co/432c7D1

rootsecdev reposted
Mind_Essentials's tweet image.

I can confirm this how my morning started and ended.

rootsecdev's tweet image. I can confirm this how my morning started and ended.

rootsecdev reposted

Join @Carlos_Perez for our next webinar on October 15 at 1:00PM. We'll draw from recent, anonymized investigations to expose the most devastating failure patterns our Incident Response team has encountered in the field. Secure your spot now! trustedsec.zoom.us/webinar/regist…

TrustedSec's tweet image. Join @Carlos_Perez for our next webinar on October 15 at 1:00PM. We'll draw from recent, anonymized investigations to expose the most devastating failure patterns our Incident Response team has encountered in the field. Secure your spot now!
trustedsec.zoom.us/webinar/regist…

rootsecdev reposted

As it turns out AWS not only made changes to their TOS, they are actively enforcing them. Thus, the current public release of TeamFiltration has been rendered more or less useless for enum and spraying EntraId tenants.


Hot damn feeling good this morning

rootsecdev's tweet image. Hot damn feeling good this morning

Important health announcement today

rootsecdev's tweet image. Important health announcement today

Look at that pineapple 🍍

rootsecdev's tweet image. Look at that pineapple 🍍

I recently ran into this when I was attempting to expose an access token to a container registry. I got denied... then when I get to looking at things... its not on a private endpoint and I should have access to any network to exfil containers. Nope. This is some hotness on…


I heard @_dirkjan is going to be its own Mitre ID in itself. Loving @DrAzureAD talk on Token Theft Protection. youtube.com/watch?v=YlPkCX…

rootsecdev's tweet image. I heard @_dirkjan is going to be its own Mitre ID in itself. Loving @DrAzureAD talk on Token Theft Protection. 

youtube.com/watch?v=YlPkCX…

Loading...

Something went wrong.


Something went wrong.