Author: zigmax
-
New alert for Microsoft Defender for Storage
Read more: New alert for Microsoft Defender for StorageHi, To expand the threat protections provided by Microsoft Defender for Storage, Microsoft added a new preview alert. Alert (alert type) Description MITRE tactic Severity PREVIEW – Access from a…
-
Storage | Scanning Azure Blob Storage
Read more: Storage | Scanning Azure Blob StorageHi! In this article, I will show you how you can scan an Azure Blob to identity potential public storage containers. By default when you create a new container, you…
-
AAD | Abuse Service Principals
Read more: AAD | Abuse Service PrincipalsHi! Attackers want to target service principals because: Service accounts and service principals do not have MFA Attackers can log into Azure using a service principal account These accounts exist…
-
Introduction aux tests d’intrusions Azure
Read more: Introduction aux tests d’intrusions AzureHi! Yesterday, I had the privilege to give a talk about an introduction of Azure Pentesting. Slides (in English) Video (in French) Maxime.
-
Azure Disk | Exfiltrate VM Disk
Read more: Azure Disk | Exfiltrate VM DiskHi! Previous article: Azure Disk | Data Exfiltration In this article, I will show you how we can leverage the PowerZure tool to exfiltrate data stored in the virtual machines…
-
VM | Exploit Virtual Machine with Manage Identity (MSI)
Read more: VM | Exploit Virtual Machine with Manage Identity (MSI)Hi! In this article, I will show you how you can exploit a virtual machine associated with a Managed Identity. To leverage this attack, we will use the LAVA –…