Advanced Search
Search Results
3 total results found
Password Spraying M365
This attack is not complex as it only consists in "guessing" a user's password but there are still some precautions we want to take: Slow spraying to avoid account lockouts Rotating IPs via proxies and / or VPNs to avoid IP blacklisting and to bypass location...
OAuth 2.0 Abuse
OAUth is a protocol that allows third-party applications to access services with access tokens, avoiding the disclosure of the user's credentials. What we can do as an attacker is create a malicious OAuth app to coerce users into granting the application acces...
Abusing Device Code Authentication
Device Code Authentication allows to compromise a AAD / M365 account just like OAuth Abuse but it's generally harder to detect / set up and doesn't require any input from the victim. The downside to this technique is that the device codes are valid for only a ...