Nick Frichette
@frichetten.com
Staff Security Researcher @datadoghq | DEF CON/Black Hat USA main stage speaker | he/him | OSCP OSWE | I turned hacking AWS into a career | Tweets are my own | Created https://hackingthe.cloud
Ah yes, the alloy known as '<span class="no-text-formatting">white gold</span>'
October 2, 2025 at 9:33 PM
Ah yes, the alloy known as '<span class="no-text-formatting">white gold</span>'
Today in weird things family members say about technology, this is “the weird internet frisbee”.
October 1, 2025 at 9:26 PM
Today in weird things family members say about technology, this is “the weird internet frisbee”.
Added a new challenge coin to the display today, in recognition of my contributions to the AWS Vulnerability Disclosure Program. I’m excited to continue pushing the boundaries of AWS security and helping to build a more secure cloud!
September 18, 2025 at 7:04 PM
Added a new challenge coin to the display today, in recognition of my contributions to the AWS Vulnerability Disclosure Program. I’m excited to continue pushing the boundaries of AWS security and helping to build a more secure cloud!
@fwdcloudsec.org Europe 2025 was incredible! Amazing talks, amazing research, and amazing people. There is no other conference I would recommend for cloud security people. Looking forward to next year!
September 17, 2025 at 11:44 PM
@fwdcloudsec.org Europe 2025 was incredible! Amazing talks, amazing research, and amazing people. There is no other conference I would recommend for cloud security people. Looking forward to next year!
Good morning @fwdcloudsec.org! If you would like exclusive, limited edition, holographic stickers, come find me!
September 15, 2025 at 7:03 AM
Good morning @fwdcloudsec.org! If you would like exclusive, limited edition, holographic stickers, come find me!
Looking forward to seeing everyone in Berlin! Safe travels! @fwdcloudsec.org
September 13, 2025 at 1:06 PM
Looking forward to seeing everyone in Berlin! Safe travels! @fwdcloudsec.org
While not explicitly stated, I do want to stress: Cloud security people aggressively preach not storing long lived AWS access keys in CI/CD pipelines, and that you should instead use things like OIDC. However, that isn’t a silver bullet. In addition…
September 7, 2025 at 5:11 PM
While not explicitly stated, I do want to stress: Cloud security people aggressively preach not storing long lived AWS access keys in CI/CD pipelines, and that you should instead use things like OIDC. However, that isn’t a silver bullet. In addition…
AWS’s commitment to this host name template is incredible. It’s everywhere!
August 29, 2025 at 1:34 PM
AWS’s commitment to this host name template is incredible. It’s everywhere!
Meet my enemy of the day. A piece of metal (razor blade) in my tire.
August 19, 2025 at 8:53 PM
Meet my enemy of the day. A piece of metal (razor blade) in my tire.
I’m skipping out on summer camp this year. Hope everyone has fun! Stay hydrated and shell responsibly! I’m in our New York office this week, and you could be too! We have over 170 open positions across engineering. careers.datadoghq.com/all-jobs/?pa...
August 5, 2025 at 1:17 PM
I’m skipping out on summer camp this year. Hope everyone has fun! Stay hydrated and shell responsibly! I’m in our New York office this week, and you could be too! We have over 170 open positions across engineering. careers.datadoghq.com/all-jobs/?pa...
It’s a month and a half away but I’m already super excited for @fwdcloudsec.org EU! If you’ll be there in Berlin, come find me for limited edition, holographic, @hackingthe.cloud stickers!
August 1, 2025 at 8:40 PM
It’s a month and a half away but I’m already super excited for @fwdcloudsec.org EU! If you’ll be there in Berlin, come find me for limited edition, holographic, @hackingthe.cloud stickers!
After *checks notes* 18 years of running Linux on the desktop in one form or another, I’m going to give Mac a try.
July 30, 2025 at 1:33 AM
After *checks notes* 18 years of running Linux on the desktop in one form or another, I’m going to give Mac a try.
We're headed back to @fwdcloudsec.org EU! This time we're breaking down AWS honey tokens: how they work, tradeoffs of different types, and how they can even defeat AWS 0-days!
July 25, 2025 at 4:23 PM
We're headed back to @fwdcloudsec.org EU! This time we're breaking down AWS honey tokens: how they work, tradeoffs of different types, and how they can even defeat AWS 0-days!
An interesting undocumented API just hit my automation. Looks like AWS is planning a Vector DB for S3? Or some kind of storage Vector storage offering? Operations include:
- QueryVectors
- PutVectors
- PutVectorBucketPolicy
- ListVectors
- ListVectorBuckets
- QueryVectors
- PutVectors
- PutVectorBucketPolicy
- ListVectors
- ListVectorBuckets
July 13, 2025 at 9:38 PM
An interesting undocumented API just hit my automation. Looks like AWS is planning a Vector DB for S3? Or some kind of storage Vector storage offering? Operations include:
- QueryVectors
- PutVectors
- PutVectorBucketPolicy
- ListVectors
- ListVectorBuckets
- QueryVectors
- PutVectors
- PutVectorBucketPolicy
- ListVectors
- ListVectorBuckets
Cool to see AWS notifying customers of misconfigured OIDC trusts which are vulnerable!
July 10, 2025 at 2:16 AM
Cool to see AWS notifying customers of misconfigured OIDC trusts which are vulnerable!
This wasn’t a joke btw. It works. You’d be surprised how much uwu breaks guardrail implementations.
July 4, 2025 at 2:59 AM
This wasn’t a joke btw. It works. You’d be surprised how much uwu breaks guardrail implementations.
It’s a packed house over at @siigil.bsky.social talk on Azure Service Principals, a history on backdooring them, and more!
July 1, 2025 at 3:45 PM
It’s a packed house over at @siigil.bsky.social talk on Azure Service Principals, a history on backdooring them, and more!
Fam, let’s not get kicked out. Save your shells for day 2.
June 30, 2025 at 7:23 PM
Fam, let’s not get kicked out. Save your shells for day 2.
If you want a Hacking the Cloud sticker, and you’re at @fwdcloudsec.org, you’re in luck! You might notice some littered around the common area.
June 30, 2025 at 6:34 PM
If you want a Hacking the Cloud sticker, and you’re at @fwdcloudsec.org, you’re in luck! You might notice some littered around the common area.
GOOD MORNING @fwdcloudsec.org !! The best cloud security conference of the year is just getting started! If you’re here, come say hi. I want to hear about what you’re working on in the cloud or with AI and LLMs!
June 30, 2025 at 1:47 PM
GOOD MORNING @fwdcloudsec.org !! The best cloud security conference of the year is just getting started! If you’re here, come say hi. I want to hear about what you’re working on in the cloud or with AI and LLMs!
Me when I see long lived access keys.
June 29, 2025 at 8:39 PM
Me when I see long lived access keys.
Updated the core switch today! Now to plug more things into the home server rack (and do some better cable management)
June 23, 2025 at 10:57 PM
Updated the core switch today! Now to plug more things into the home server rack (and do some better cable management)
A little over a year ago I published research on how you could leverage non-production AWS API endpoints to enumerate permissions without logging to CloudTrail. A year later...I'm still finding them. Red Teamers, these can be super useful and really up your game!
June 2, 2025 at 1:35 PM
A little over a year ago I published research on how you could leverage non-production AWS API endpoints to enumerate permissions without logging to CloudTrail. A year later...I'm still finding them. Red Teamers, these can be super useful and really up your game!
To renew or not renew…
May 10, 2025 at 2:08 PM
To renew or not renew…