Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.

Azure's Front Door WAF WTF: IP Restriction Bypass
The Azure Front Door Web Application Firewall (WAF) has an "IP restriction" option that can be bypassed with the inclusion of an HTTP header. What's worse?…

A Threat Hunter’s Guide to Decoding the Cloud
This blog will guide you through how to be a successful threat hunter in cloud environments, along with some helpful tips and advice.

Kicking it Old-School with Time-Based Enumeration in Azure
Introduction: Yet another user-enumeration method has been identified in Azure. While Microsoft may have disabled Basic Authentication some time ago, we can…

Unwelcome Guest: Abusing Azure Guest Access to Dump Users, Groups, and more
Enumerate Azure AD users and groups with guest access, exploiting default settings to reveal hidden user lists and group membership.

Weaponization of Token Theft – A Red Team Perspective
This blog is the start of several deep dives into the weaponization of token theft. The focus of this blog will be on conditional access around devices and…

Control Tower Pivoting Using the Default Role
Using AWS Control Tower to Prevent Pivoting Attacks on AWS Organizations and Control Tower.

OneDrive to Enum Them All
THIS POST WAS WRITTEN BY @NYXGEEK. Greetings fellow hackers, today we'll be diving into the topic of user enumeration via OneDrive. I wrote a blog post on this…

Hacking Your Cloud: Tokens Edition 2.0
Access compromised Azure credentials to bypass MFA, gain OWA access, and conduct cloud penetration testing using stolen refresh tokens and Burp Suite Pro.

Top 5 Things That Will Land an Attacker in the Azure Cloud
Unprotected cloud environments can pose significant threats to your company reputation, data, and applications, requiring robust security measures and regular…

Azure AD Kerberos Tickets: Pivoting to the Cloud
Compromising an Azure cloud presence via machine account SSO is possible, allowing attackers to impersonate any account without MFA, using compromised service…

Auditing Exchange Online From an Incident Responder's View
Harden your Microsoft 365 environment against Business Email Compromise (BEC) attacks with TrustedSec's baseline recommendations, including audit logging, MFA,…

A Primer on Cloud Logging for Incident Response
Review Azure and AWS logs to investigate identity-based cloud incidents, including resource and network logs, and enable traditional forensic analysis if needed.