Okta for Red Teamers

In this blog post, I'll discuss some of the post-exploitation techniques that I've found to be useful against Okta. Specifically, this post will look at how to use delegated authentication to our advantage, silver tickets, Okta AD agent spoofing, and finally how to deploy a fake SAML provider.... Read More »