This post is part 3⁄5 of Azure AD and Microsoft 365 kill chain blog series.
Azure AD and Office 365 are cloud services and most information is hidden to the members (or guests) of the tenant. However, there are plenty of information publicly available to anyone.
In this blog, using AADInternals v0.4.5, I’ll show how to gather information of any Azure AD tenant as an insider.
This post is part 2⁄5 of Azure AD and Microsoft 365 kill chain blog series.
When sharing SharePoint to people outside the organisations or inviting them to Teams, a corresponding guest account is created to Azure AD. Although the created guest account is not a pure insider, it has wide read-only access to organisation’s Azure AD information.
In this blog, using AADInternals v0.4.0, I’ll show how to gather information from Azure AD tenant as a guest user.
This post is part 1⁄5 of Azure AD and Microsoft 365 kill chain blog series.
Azure AD and Office 365 are cloud services and most information is available only to the members (or guests) of the tenant. However, there are plenty of information publicly available to anyone.
In this blog, using AADInternals v0.4.0, I’ll show how to gather information of any Azure AD tenant as an outsider.
Sean Metcalf (@Pyrotek3) organised a great webcast at the end of the May 2020. Among other things, Sean introduced a new (to me, at least) attack-vector where an Azure AD administrator can easily get a system level access to any Azure virtual machine of the organisation. Naturally, I had to implement this functionality to AADInternals.
In this blog, using AADInternals v0.3.3, I’ll show how a Global Administator can gain access to any Azure VM of the organisation.
Microsoft has published a PowerShell module for their partners to ease and automate operations with their customers. This module is (quite intuitively) called Partner Center. While the module does well what it’s meant to do, it also tells Microsoft what the partners are doing.
