Azure#
Table View#
Created |
Action |
Description |
Author |
---|---|---|---|
2021-11-01 |
A campaign to simulate a threat actor granting the Microsoft Graph RoleManagement.ReadWrite.Directory (application) permission to an Azure service principal and using the new permissions to add an Azure AD object or user account to an Admin directory role (i.e. Global Administrators). |
Roberto Rodriguez @Cyb3rWard0g |
|
2022-05-01 |
A campaign to simulate a threat actor disovering Azure AD users, applications, service principals, groups and directory roles. |
Roberto Rodriguez @Cyb3rWard0g |
|
2022-04-28 |
Add New Password Credential to Azure AD Application and Read Mail |
A campaign to simulate a threat actor adding password credentials to an Azure AD application, getting an access token with the new credentials and reading mail from a specific user via MS Graph with the security context of the Azure AD application. |
Roberto Rodriguez @Cyb3rWard0g |