AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
https://github.com/darkquasar/AzureHunter
#azure #o365
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
https://github.com/darkquasar/AzureHunter
#azure #o365
GitHub
GitHub - darkquasar/AzureHunter: A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 - darkquasar/AzureHunter
Phishing With Spoofed Cloud Attachments
This article looks at how you can abuse the cloud attachment feature on O365 to make executables (or any other file types) appear as harmless attachments.
https://mrd0x.com/phishing-o365-spoofed-cloud-attachments/
#phishing #O365 #abuse
This article looks at how you can abuse the cloud attachment feature on O365 to make executables (or any other file types) appear as harmless attachments.
https://mrd0x.com/phishing-o365-spoofed-cloud-attachments/
#phishing #O365 #abuse
👍1
Password Spraying and MFA Bypasses
https://www.sprocketsecurity.com/blog/how-to-bypass-mfa-all-day
#ntlm #password #spraying #o365 #exchange #mfa
https://www.sprocketsecurity.com/blog/how-to-bypass-mfa-all-day
#ntlm #password #spraying #o365 #exchange #mfa
Sprocket Security
Password spraying and MFA bypasses in the modern security landscape
Any offensive security operator will tell you that guessing employee credentials is key to compromising your customer’s network – and therefore highlighting vulnerabilities – during a cyber-security engagement. The thing is, it’s easier said than done as…
CredMaster
Launch a password spray / brute force attach via Amazon AWS passthrough proxies, shifting the requesting IP address for every authentication attempt. This dynamically creates FireProx APIs for more evasive password sprays.
The following plugins are currently supported:
— OWA
— EWS
— O365
— O365Enum
— MSOL
— Okta
— FortinetVPN
— HTTPBrute
— ADFS
— AzureSSO
https://github.com/knavesec/CredMaster
#owa #o365 #adfs #password #spraying
Launch a password spray / brute force attach via Amazon AWS passthrough proxies, shifting the requesting IP address for every authentication attempt. This dynamically creates FireProx APIs for more evasive password sprays.
The following plugins are currently supported:
— OWA
— EWS
— O365
— O365Enum
— MSOL
— Okta
— FortinetVPN
— HTTPBrute
— ADFS
— AzureSSO
https://github.com/knavesec/CredMaster
#owa #o365 #adfs #password #spraying
🔥4