From Pass The Prt to Pass The Certificate for Azure AD machines In this post, I will explain what NegoEx and PKU2U are, what P2P certificate is and how to use those to gain access to Azure AD machines medium.com/@mor2464/azure…

AD Privesc Kerberos TGS and SeTcbPrivilege If you have SeTcbPrivilege, you can ask TGS on behalf of ALL logged users on your machine WITHOUT Password ...and if there is a Domain Admin logged? Zero detection by EDR/AV github.com/foxlox/GIUDA.g… #redteam #SeTcbPrivilege

Just launched the #CloudBreach Blog 🚀: Dive into the essentials of AWS Enumeration! Uncover the tactics for unauthenticated #AWSEnumeration, leveraging OSINT, Google & GitHub Dorks, and more. A must-read for #CloudSecurity readers. cloudbreach.io/blog/intro-to-…

Active Directory Enumeration for Red Teams mdsec.co.uk/2024/02/active…

Something I still reference a lot. To this day. The Attackers Guide to Azure AD Conditional Access – Daniel Chronlund Cloud Security Blog danielchronlund.com/2022/01/07/the…

PoC Exploit Released for Microsoft Outlook RCE Flaw – CVE-2024-21413 securityonline.info/poc-exploit-re…

AzSubEnum - Azure Service Subdomain Enumeration kitploit.com/2024/02/azsube…

FullBypass: bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) securityonline.info/fullbypass-byp…

Active Directory Advanced Threat Hunting - Using PowerShell to track down the source of account lockouts and bad passwords! Microsoft Microsoft Security Windows #Microsoft #ActiveDirectory #mvpbuzz #coolstuff #Hunting #ADDS #Windows #WindowsServer 👇👇👇👇 github.com/tomwechsler/Ac…

Another log on the fire why I really can’t recommend on premises exchange environments. posts.specterops.io/pwned-by-the-m…

Did you know, that a simple msi repair with a low privileged user can disable Cortex XDR if the tamper protection is turned off? 👇

🚀I'm finally releasing GraphSpy to the public!🕵️ A powerful offensive security tool focused on making initial access and post-compromise enumeration in Microsoft Entra and M365 much more convenient during penetration tests and red team assessments! github.com/RedByte1337/Gr…

How attackers steal Primary Refresh Tokens and access cloud resources. #ThreatHunting #DFIR #EntraID #AzureAD

Creating Payloads with ScareCrow to Mimic Reputable Sources and Bypass Anti-Virus infosecwriteups.com/creating-paylo…

Bypassing MFA on Microsoft Azure Entra ID pentestpartners.com/security-blog/…

A step by step EDR learning path github.com/reveng007/Lear…

securityonline.info/critical-git-v…

AWS Penetration Testing Framework is now publicly available! github.com/T-s3c/AWS-Pent…

A new clickfix technique, FileFix, developed by mr.d0x, is being used in the wild—poorly. Website tersmoles[.]com delivers a "Legitimate Chrome Installer" using FileFix. The attacker didn’t even change the path and filename—just copy-pasted code directly from demo website