Uncategorized – SecureCloudBlog

julkaissut Joosua Santasalo 17 toukokuun, 2022 0

Highly experimental – Bypassing trusted Device requirements for Azure CLI in restricted environments where API’s are only available for browser sessions

Some environments require trusted device to access API’s on mobile and desktop clients (which AZ CLI is categorized as) –Lue lisää

julkaissut Joosua Santasalo 12 toukokuun, 2022 0

Uncategorized

Bypassing sign-in frequency requirements for Conditional Access on 3rd party clients

Based on recent testing SIF (sign-in-frequency) enforcement can be bypassed when refresh token is available for exchange¹ on third party²Lue lisää

julkaissut Joosua Santasalo 5 toukokuun, 2022 0

Uncategorized

Azure AD Cross-tenant attacks via multi-tenant implants (servicePrincipals)

I decided to do short write-up since I’ve been getting lot of questions about this attack type originally discovered byLue lisää

julkaissut Joosua Santasalo 27 huhtikuun, 2022 0

Uncategorized

Azure Monitor – Malicious KQL Query

Malicious KQL Query: Malicious KQL query is injection technique, where attacker with targetable workspace resourceID can inject listener of accessLue lisää

julkaissut Joosua Santasalo 22 huhtikuun, 2022 0

Uncategorized

Collection AAD authentication related tools

https://github.com/jsa2/aad_device_code https://github.com/jsa2/aadcookiespoof