⌘Ctrlk

Introduction
Articles
Notes

Powered by GitBook

On this page

Notes

AAD

Some (mostly) conceptual notes about AAD

Useful Links Overview of Azure & M365 Enumerate Users and Domains Post-exploitation Reconnaissance OAuth 2.0 Abuse Abusing Device Code Authentication Abusing Cloud Administrator Role Abusing User Administrator Role AAD Federated Backdoor Service Principal Abuse Compromising Azure Blobs and Storage Accounts Malicious Device Join Disabling Auditing (Unified Audit Logs)Spoofing Azure Sign-In Logs Registering Fake Agents for Log Spoofing Pass the PRT Pass the Cookie Abusing Managed Identities Virtual Machine Abuse Attacking Key Vaults

PreviousLOLBIN Enumeration NextUseful Links