Nick Frichette

Software Developer and Security Researcher

This server is part of the Tor network. Onion Address: nickf43ab43xxf3yqgzy5uedsjij6h473rmbyzq6inohcnr3lohlu3yd.onion

Background

My name is Nick Frichette and I'm a Senior Security Researcher, primarily focused on cloud, web application, and CI/CD exploitation. Previously, I worked as a Penetration Tester and Team Lead for a large financial services company.

In my free time I perform security research, participate in CTFs, and engage in community forums. In addition, I'm the primary maintainer of Hacking the Cloud, an encyclopedia of the techniques that offensive security professionals can use against cloud environments.

Aside from that, I'm fortunate to be a part of the AWS Community Builders Program.

Vulnerability Research

These are some notable results from my research. More can be found at my blog.

• Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research
• Cross-Tenant Confused Deputy Vulnerability in AWS AppSync
• AWS CloudTrail bypass for specific IAM actions
• XSS in the AWS Console
• Enumerate AWS API Permissions without Logging to CloudTrail
• Intercept SSM Agent Communications
• CVE-2020-11108: How I stumbled into a Pi-Hole RCE+LPE
• CVE-2020-15511: Account Takeover in Terraform Enterprise

Community Involvement

I'm involved/participate with the security community in several ways. Here are just a few.

• Cloud Security Podcast: How to Escape Clusters in a Managed Kubernetes Cluster? - I was a guest on the Cloud Security Podcast talking about abusing managed Kubernetes clusters.
• DEF CON Cloud Village 2023 - I gave a talk at the DEF CON Cloud Village titled "Evading Logging in the Cloud: Bypassing AWS CloudTrail".
• Wiz: Top 16 cloud security experts you should follow in 2023 - I was included as a "top cloud security expert" in Wiz's yearly roundup.
• fwd:cloudsec 2023 - Gave a talk titled "Evading Logging in the Cloud: Disrupting and Bypassing AWS CloudTrail", which was an overview of my research on AWS CloudTrail bypasses.
• Cloud Security Podcast: Getting Started with Hacking AWS Cloud - I was a guest on the Cloud Security Podcast, discussing some of my security research.
• SANS Pentest Hackfest 2022 - Gave a talk at the main track on "What I Wish I Knew Before Pentesting AWS Environments" (slides)
• Screaming in the Cloud #226 - Corey Quinn - I was a guest on the Screaming in the Cloud podcast, hosted by Corey Quinn. We talked about offensive security in AWS, AWS security research, and more.
• Research in the News - My research has been featured in multiple well-known newsletters including CloudSecList, tl;dr sec, and Bug Bytes.
• ShellCon 2020 - Gave a talk (Hacking AWS - TTPs for the Cloud) at the Main Track of ShellCon 2020. Covered the tactics and techniques a penetration testing or red team can leverage when attacking AWS infrastructure.

Education and Certifications