Azure AD Connect for Red Teamers

With clients increasingly relying on cloud services from Azure, one of the technologies that has been my radar for a while is Azure AD. For those who have not had the opportunity to work with this, the concept is simple, by extending authentication beyond on-prem Active Directory, users can authenticate with their AD credentials against Microsoft services such as Azure, Office365, Sharepoint, and hundreds [https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/tutorial-list] of third... Read More »

Kerberos AD Attacks - More Roasting with AS-REP

This post continues with the series of tutorials looking at Kerberos and Active Directory attacks. If you have not had chance to review any of the previous posts in this series, I'd recommend checking them out: * Kerberos AD Attacks - Kerberoasting [https://blog.xpnsec.com/kerberos-attacks-part-1/] * Using machine account credentials during an engagement [https://blog.xpnsec.com/using-machine-accounts-during-an-engagement/] * Setting Service Principal Names To Roast Accounts [https:... Read More »