Tuesday, May 17, 2022

Malicious AzureAD Application Registrations

In this post we will explore an entry point into how to leverage AzureAD app registrations for offensive purposes.

Before getting into it, I’d like to thank @Antonlovesdnb for helping me explore this further and the defensive guidance. Also a shoutout to @dafthack for spitballing ideas about ways to abuse this. Cheers to you both 🙂

UPDATE Wanted to add some more shout outs and links to some awesome work others have done on or related to this:

​Azure App Services for Offensive Operations by @…

Read More

Latest news
Related news