Cloud Hacking
Revision as of 23:41, 19 September 2023 by Booda (talk | contribs) (Created page with "== Office 365 & Azure == * Extremely in-depth technical info on everything https://o365blog.com * https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html * https://blog.xpnsec.com/azuread-connect-for-redteam * AAD Connect Cloud Sync: as local admin impersonate or retrieve managed password of the provagentgMSA account to dcsync. ** see: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Direc...")
Office 365 & Azure
- Extremely in-depth technical info on everything https://o365blog.com
- https://www.synacktiv.com/en/publications/azure-ad-introduction-for-red-teamers.html
- https://blog.xpnsec.com/azuread-connect-for-redteam
- AAD Connect Cloud Sync: as local admin impersonate or retrieve managed password of the provagentgMSA account to dcsync.
- https://www.blackhillsinfosec.com/webcast-getting-started-in-pentesting-the-cloud-azure
- https://github.com/dafthack/CloudPentestCheatsheets/blob/master/cheatsheets/Azure.md
- https://www.inversecos.com
Tools
- https://github.com/nyxgeek/o365recon
- https://github.com/dirkjanm/ROADtools
- https://github.com/fox-it/adconnectdump
- https://github.com/LMGsec/o365creeper
- https://bloodhound.readthedocs.io/en/latest/data-collection/azurehound.html
- https://github.com/rvrsh3ll/TokenTactics
- https://github.com/nyxgeek/onedrive_user_enum
- https://github.com/dafthack/MSOLSpray
- https://github.com/dafthack/MFASweep