Azure Ad Introduction For Red Teamers | Presents Azure AD and explores different attacking paths |
Attacking Azure, Azure AD | |
Lateral Movement from Azure to On-Prem AD | Post explaining what Hybrid Azure Join is, target enumeration, and how to abuse Intune/Endpoint Manager to execute code as SYSTEM on target systems |
Azure AD Pass The Certificate | Post explaining what NegoEx and PKU2U are, what a P2P certificate is and how to use those to gain access to Azure AD machines |
Abusing dynamic groups in Azure AD for privilege escalation | Blog presenting a new technique for escalating privileges within Azure environments through the abuse of dynamic groups in Azure Active Directory |