Cloud Hacking: Difference between revisions
Jump to navigation
Jump to search
(Created page with "== Office 365 & Azure == * Extremely in-depth technical info on everything https://o365blog.com * https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html * https://blog.xpnsec.com/azuread-connect-for-redteam * AAD Connect Cloud Sync: as local admin impersonate or retrieve managed password of the provagentgMSA account to dcsync. ** see: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Direc...") |
mNo edit summary |
||
Line 1: | Line 1: | ||
== | == Amazon - AWS == | ||
* | * https://hackingthe.cloud/aws/general-knowledge/aws_organizations_defaults | ||
== Microsoft - Azure == | |||
* https://hackingthe.cloud/azure/abusing-managed-identities | |||
* https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html | * https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html | ||
* https://blog.xpnsec.com/azuread-connect-for-redteam | * https://blog.xpnsec.com/azuread-connect-for-redteam | ||
Line 7: | Line 10: | ||
* https://www.blackhillsinfosec.com/webcast-getting-started-in-pentesting-the-cloud-azure | * https://www.blackhillsinfosec.com/webcast-getting-started-in-pentesting-the-cloud-azure | ||
* https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/Azure.md | * https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/Azure.md | ||
* https:// | * https://bloodhound.readthedocs.io/en/latest/data-collection/azurehound.html | ||
=== Tools | === Microsoft Office 365 - o365 === | ||
* https://github.com/nyxgeek/o365recon | * Extremely in-depth technical info on everything https://o365blog.com | ||
* https://github.com/dirkjanm/ROADtools | |||
* https://github.com/fox-it/adconnectdump | == Google Cloud Platform - GCP == | ||
* https://github.com/LMGsec/o365creeper | * https://cloud.hacktricks.xyz/pentesting-cloud/gcp-security | ||
* https://hackingthe.cloud/gcp/general-knowledge/client-credential-search-order | |||
* https://github.com/rvrsh3ll/TokenTactics | |||
* https://github.com/nyxgeek/onedrive_user_enum | == Cloud Hacking Tools == | ||
* https://github.com/dafthack/MSOLSpray | * https://github.com/nyxgeek/o365recon - Retrieve information via O365 and AzureAD with a valid cred | ||
* https://github.com/dafthack/MFASweep | * https://github.com/dirkjanm/ROADtools - A collection of Azure AD tools for offensive and defensive security purposes | ||
* https://github.com/fox-it/adconnectdump - Dump Azure AD Connect credentials for Azure AD and Active Directory | |||
* https://github.com/LMGsec/o365creeper - Python script that performs email address validation against Office 365 without submitting login attempts. | |||
* https://github.com/rvrsh3ll/TokenTactics - Azure JWT Token Manipulation Toolset | |||
* https://github.com/nyxgeek/onedrive_user_enum - OneDrive user enumeration - pentest tool to enumerate valid o365 users | |||
* https://github.com/dafthack/MSOLSpray - A password spraying tool for Microsoft Online accounts (Azure/O365) | |||
* https://github.com/dafthack/MFASweep - A tool for checking if MFA is enabled on multiple Microsoft Services |
Revision as of 20:45, 20 September 2023
Amazon - AWS
Microsoft - Azure
- https://hackingthe.cloud/azure/abusing-managed-identities
- https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html
- https://blog.xpnsec.com/azuread-connect-for-redteam
- AAD Connect Cloud Sync: as local admin impersonate or retrieve managed password of the provagentgMSA account to dcsync.
- https://www.blackhillsinfosec.com/webcast-getting-started-in-pentesting-the-cloud-azure
- https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/Azure.md
- https://bloodhound.readthedocs.io/en/latest/data-collection/azurehound.html
Microsoft Office 365 - o365
- Extremely in-depth technical info on everything https://o365blog.com
Google Cloud Platform - GCP
- https://cloud.hacktricks.xyz/pentesting-cloud/gcp-security
- https://hackingthe.cloud/gcp/general-knowledge/client-credential-search-order
Cloud Hacking Tools
- https://github.com/nyxgeek/o365recon - Retrieve information via O365 and AzureAD with a valid cred
- https://github.com/dirkjanm/ROADtools - A collection of Azure AD tools for offensive and defensive security purposes
- https://github.com/fox-it/adconnectdump - Dump Azure AD Connect credentials for Azure AD and Active Directory
- https://github.com/LMGsec/o365creeper - Python script that performs email address validation against Office 365 without submitting login attempts.
- https://github.com/rvrsh3ll/TokenTactics - Azure JWT Token Manipulation Toolset
- https://github.com/nyxgeek/onedrive_user_enum - OneDrive user enumeration - pentest tool to enumerate valid o365 users
- https://github.com/dafthack/MSOLSpray - A password spraying tool for Microsoft Online accounts (Azure/O365)
- https://github.com/dafthack/MFASweep - A tool for checking if MFA is enabled on multiple Microsoft Services