Scott Weston
Labs Researcher
Scott Weston is a Labs Researcher at NetSPI originally from San Diego, CA and currently based out of MN. He has over 5 years of experience in information security and has worked in areas focusing on web, external networks, Amazon Web Services (AWS), Google Cloud Platform (GCP), Oracle Cloud Infrastructure (OCI). In his spare time he enjoys pursuing individual bug bounties and other interesting avenues of pentesting.
Scott can be found under the alias @WebbinRoot on platforms like LinkedIn and has various open source projects that can be found on GitHub
Scott can be found under the alias @WebbinRoot on platforms like LinkedIn and has various open source projects that can be found on GitHub
More By Scott Weston
Cloud Pentesting
An Introduction to GCPwn – Parts 2 and 3
Example exploit path using GCPwn covering enumeration, brute forcing secrets manager versions, and downloading data from cloud storage both through default enum_buckets and with HMAC keys.
Learn More
Cloud Pentesting
An Introduction to GCPwn – Part 1
GCPwn is a pentesting tool. Learn about credential management, launching modules, permissions (including testIamPermissions), and final notes.
Learn More
Cloud Pentesting
Pivoting Clouds in AWS Organizations – Part 2: Examining AWS Security Features and Tools for Enumeration
Explore AWS Organizations security implications and see a demonstration of a new Pacu module created for ease of enumeration. Key insights from AWS pentesting.
Learn More
Cloud Pentesting
Pivoting Clouds in AWS Organizations – Part 1: Leveraging Account Creation, Trusted Access, and Delegated Admin
Explore several key points of AWS Organizations theory and learn exploitable opportunities in existing AWS solutions. Key insights from AWS pentesting.
Learn More
