Securing Service Principals
How Entra ID App Registrations / Enterprise Applications are comonly misconfigured and can be used by attackers to elevate privileges, access sensitive information and move laterally across Azure tenancies.
Showing only posts tagged azure. Show all posts.
Pwnboxes
Simple method to define and build security testing containers in Podman
Azure Monitor - Activity Logging, Resource Logging and Alerts
Making Sense of Logging in Azure with Azure Monitor, Diagnostic Settings and Activity Log Alerts
Understanding Cloud Configuration Reviews
Blog post about Cloud Configuration Reviews
From Domain User to Domain Admin (DA), From DA to Global Admin (GA)
How to own an internal domain and pivot into the cloud