Recently Updated Pages
Abusing Device Code Authentication
Device Code Authentication allows to compromise a AAD / M365 account just like OAuth Abuse but it...
OAuth 2.0 Abuse
OAUth is a protocol that allows third-party applications to access services with access tokens, a...
Password Spraying M365
This attack is not complex as it only consists in "guessing" a user's password but there are stil...
Post-exploitation Reconnaissance
Enumerate AD tenant information admin roles and identify high-value targets in the network ADFS ...
Enumerate Users and Domains
MS has a series of public APIs and DNS public suffixes that we can check during the enumeration p...
Overview of Azure & M365
AAD (Azure Active Directory) is an identity and access management service: it allows users and ap...
Useful links
dirkjanm.io Blog AADInternals Blog List of Managed Identities Web applications Portal.az...
Analysing the first stages of a malware attack
It started with a URL I recently stumbled upon the following curious URL hxxps://rechnung-webmail...