
nyxgeek
@nyxgeek
Followers: 7K | Following: 54K | Media: 803 | Statuses: 11K
rebel scum, nerfherder, dogged and relentless. H/P/V/A/C Directory - https://t.co/qn0D9H7IIi
hacking gibsons
Joined June 2012
If you’re using Azure Front Door WAF, make sure you select the correct IP match variable or you’re gonna have a bad time. Here’s a standalone tool you can run from CloudShell to check for insecure Front Door WAF rules that utilize RemoteAddr.
Does your WAF use IP restrictions, or are they more like IP recommendations? @nyxgeek reveals the difference between RemoteAddr and SocketAddr, a distinction that could create a 'sleeper' rule that looks secure but is easily bypassed.
RT @TrustedSec: Does your WAF use IP restrictions, or are they more like IP recommendations? @nyxgeek reveals the difference between Remote….
RT @todayininfosec: 1982: The movie Tron was released. The story of a software engineer who tried to hack his old employer's mainframe to p….
RT @HackingLZ: Really big fan of the post exploitation enumeration/discovery framework called ServiceNow.
RT @TrustedSec: What started as casual poking around quickly revealed a serious privilege escalation. In our latest blog, @Oddvarmoe shares….
RT @Oddvarmoe: The writeup about the CVE-2025-1729 I mentioned earlier this year is published. Fix from Lenovo should be out today.
RT @TheCinesthetic: Since its release 11 years ago, just one hour and 31 minutes have passed on Miller's planet in Interstellar. https://t.….
RT @briantylercohen: Hey @MattWallace888, since you saw the leaked files back in February, why don't you tell us what the White House won't….
RT @TrustedSec: Check out this @CyberNews video featuring @HackingDave! They break down the story behind the mysterious hacker group the Sh….